Re: >10W idle power usage on framework laptop 12th gen 13inch

[Kirill A . Korinsky]

On Tue, 30 Apr 2024 15:01:43 +0200,
"Nathaniel Griswold"  wrote:
> 
> My serperf seems to be at a consistent zero in my idle tests which makes
> me think the patch may not help my idle tests much, but may help actual
> usage.
>

In my personal use case it allows to win near 30 minutes of battery
life. As example I've picked two morning when I haven't run anything
heavy like calls in zoom.

Without powersaving:

Apr 27 10:13:42 matebook apmd: system resumed from sleep
Apr 27 10:13:42 matebook apmd: battery status: high. external power status: 
not connected. estimated battery life 100% (1130 minutes life time estimate)
Apr 27 11:27:52 matebook apmd: battery status: low. external power status: 
not connected. estimated battery life 50% (65 minutes life time estimate)
Apr 27 12:24:12 matebook apmd: battery status: CRITICAL. external power 
status: not connected. estimated battery life 15% (20 minutes life time 
estimate)

after 1h 14m I had left 50% of battery, and aftre 2h 11m had 15%.

With powersaving:

Apr 30 11:07:21 matebook apmd: system resumed from sleep
Apr 30 11:07:21 matebook apmd: battery status: high. external power status: 
not connected. estimated battery life 100% (2506 minutes life time estimate)
Apr 30 12:46:12 matebook apmd: battery status: low. external power status: 
not connected. estimated battery life 50% (111 minutes life time estimate)
Apr 30 13:56:00 matebook apmd: battery status: CRITICAL. external power 
status: not connected. estimated battery life 15% (32 minutes life time 
estimate)

after 1h 29m I had left 50% of battery, and after 2h 39m had 15%.

So, this patch allows to run the same machine on the same usage longer with
some performance penalty which seems quite fair.

-- 
wbr, Kirill

Re: fw_update

[Kirill A . Korinsky]

On Tue, 30 Apr 2024 12:35:17 +0200,
fr...@lilo.org wrote:
> 
> How does fw_update install the drivers?

It downloads firmware from http://firmware.openbsd.org/firmware/
and installs it as package in system.

> How does it know which driver is missing on the system?

It checks patterns from /usr/share/misc/firmware_patterns which maps
firmware to a pattern in dmesg.

> All these questions to install the drivers manually (offline)

You may download it by hand and install as fw_update /path/to/firmware.tgz

-- 
wbr, Kirill

Re: >10W idle power usage on framework laptop 12th gen 13inch

[Kirill A . Korinsky]

On Tue, 30 Apr 2024 11:17:35 +0200,
Kirill A. Korinsky  wrote:
> 
> Frankly speaking I never care about watt consumption, but offline time which
> is depend on it is important in my case, so here the recovered patch.
> 

Here a bit updated version which introduced a flag -P in apmd which you may
control via rcctl and enable / disable that feature without rebooting and
recompiling kernel, apmd and apm.

diff --git sys/kern/sched_bsd.c sys/kern/sched_bsd.c
index 25b221c1ee2..b1e5bd142c3 100644
--- sys/kern/sched_bsd.c
+++ sys/kern/sched_bsd.c
@@ -573,6 +573,7 @@ void (*cpu_setperf)(int);
 #define PERFPOL_MANUAL 0
 #define PERFPOL_AUTO 1
 #define PERFPOL_HIGH 2
+#define PERFPOL_POWERSAVING 4
 int perflevel = 100;
 int perfpolicy = PERFPOL_AUTO;
 
@@ -583,7 +584,9 @@ int perfpolicy = PERFPOL_AUTO;
 #include 
 
 void setperf_auto(void *);
+void setperf_powersaving(void *);
 struct timeout setperf_to = TIMEOUT_INITIALIZER(setperf_auto, NULL);
+struct timeout setperf_to_powersaving = 
TIMEOUT_INITIALIZER(setperf_powersaving, NULL);
 extern int hw_power;
 
 void
@@ -653,6 +656,76 @@ faster:
timeout_add_msec(_to, 100);
 }
 
+void
+setperf_powersaving(void *v)
+{
+   static uint64_t *idleticks, *totalticks;
+   static int downbeats;
+   int i, j = 0;
+   int speedup = 0;
+   CPU_INFO_ITERATOR cii;
+   struct cpu_info *ci;
+   uint64_t idle, total, allidle = 0, alltotal = 0;
+
+   if (perfpolicy != PERFPOL_POWERSAVING)
+   return;
+
+   if (cpu_setperf == NULL)
+   return;
+
+   if (hw_power) {
+   speedup = 1;
+   goto faster;
+   }
+
+   if (!idleticks)
+   if (!(idleticks = mallocarray(ncpusfound, sizeof(*idleticks),
+   M_DEVBUF, M_NOWAIT | M_ZERO)))
+   return;
+   if (!totalticks)
+   if (!(totalticks = mallocarray(ncpusfound, sizeof(*totalticks),
+   M_DEVBUF, M_NOWAIT | M_ZERO))) {
+   free(idleticks, M_DEVBUF,
+   sizeof(*idleticks) * ncpusfound);
+   return;
+   }
+   CPU_INFO_FOREACH(cii, ci) {
+   if (!cpu_is_online(ci))
+   continue;
+   total = 0;
+   for (i = 0; i < CPUSTATES; i++) {
+   total += ci->ci_schedstate.spc_cp_time[i];
+   }
+   total -= totalticks[j];
+   idle = ci->ci_schedstate.spc_cp_time[CP_IDLE] - idleticks[j];
+   if (idle < total / 3)
+   speedup = 1;
+   alltotal += total;
+   allidle += idle;
+   idleticks[j] += idle;
+   totalticks[j] += total;
+   j++;
+   }
+   if (allidle < alltotal / 3)
+   speedup = 1;
+   if (speedup)
+   /* twice as long here because we check every 200ms */
+   downbeats = 1;
+
+   if (speedup && perflevel != 100) {
+faster:
+   perflevel = 100;
+   cpu_setperf(perflevel);
+   } else if (!speedup && perflevel != 0 && --downbeats <= 0) {
+   perflevel = 0;
+   cpu_setperf(perflevel);
+   }
+
+   /* every 200ms to have a better resolution of the load */
+   timeout_add_msec(_to_powersaving, 200);
+}
+
+
 int
 sysctl_hwsetperf(void *oldp, size_t *oldlenp, void *newp, size_t newlen)
 {
@@ -691,6 +764,9 @@ sysctl_hwperfpolicy(void *oldp, size_t *oldlenp, void 
*newp, size_t newlen)
case PERFPOL_AUTO:
strlcpy(policy, "auto", sizeof(policy));
break;
+   case PERFPOL_POWERSAVING:
+   strlcpy(policy, "powersaving", sizeof(policy));
+   break;
case PERFPOL_HIGH:
strlcpy(policy, "high", sizeof(policy));
break;
@@ -709,6 +785,8 @@ sysctl_hwperfpolicy(void *oldp, size_t *oldlenp, void 
*newp, size_t newlen)
perfpolicy = PERFPOL_MANUAL;
else if (strcmp(policy, "auto") == 0)
perfpolicy = PERFPOL_AUTO;
+   else if (strcmp(policy, "powersaving") == 0)
+   perfpolicy = PERFPOL_POWERSAVING;
else if (strcmp(policy, "high") == 0)
perfpolicy = PERFPOL_HIGH;
else
@@ -716,6 +794,8 @@ sysctl_hwperfpolicy(void *oldp, size_t *oldlenp, void 
*newp, size_t newlen)
 
if (perfpolicy == PERFPOL_AUTO) {
timeout_add_msec(_to, 200);
+   } else if (perfpolicy == PERFPOL_POWERSAVING) {
+   timeout_add_msec(_to_powersaving, 200);
} else if (perfpolicy == PERFPOL_HIGH) {
perflevel = 100;
cpu_setperf(perflevel);
diff --git usr.sbin/apmd/apm-proto.h usr.sbin/apmd/apm-proto.h
index 867d0afbd70..166618e996f 100644
--- usr.sbin/apmd/apm-p

Re: >10W idle power usage on framework laptop 12th gen 13inch

[Kirill A . Korinsky]

On Tue, 30 Apr 2024 05:31:21 +0200,
"Nathaniel Griswold"  wrote:
>
> > I had near the same question sometime ago but on different machine, and I've
> > discovered a patch which I've inlinded into this email.
> >
>
> Hm, ok, i'll try it. Do you have any insight into whether obsdfreqd has
> similar power saving to this patch? It seems to set the perf similarly. I
> wasn't having much luck with obsdfreqd as far as wattage, however...
>

Well, I haven't tried it but I've read documentation [1] and it seems a bit
differently, isn't it?

On idle this laptop has on 400 MHz, and provided patch decrease
responsibility of system when it runs on battery, but allows to win some
time on it. Like additionall half an hour or a bit more.

Frankly speaking I never care about watt consumption, but offline time which
is depend on it is important in my case, so here the recovered patch.

Footnotes:
[1]  https://git.sr.ht/~solene/obsdfreqd

--
wbr, Kirill

Re: >10W idle power usage on framework laptop 12th gen 13inch

[Kirill A . Korinsky]

  perfpolicy = PERFPOL_HIGH;
else
@@ -716,6 +794,8 @@ sysctl_hwperfpolicy(void *oldp, size_t *oldlenp, void 
*newp, size_t newlen)
 
if (perfpolicy == PERFPOL_AUTO) {
timeout_add_msec(_to, 200);
+   } else if (perfpolicy == PERFPOL_POWERSAVING) {
+   timeout_add_msec(_to_powersaving, 200);
} else if (perfpolicy == PERFPOL_HIGH) {
perflevel = 100;
cpu_setperf(perflevel);
diff --git usr.sbin/apmd/apm-proto.h usr.sbin/apmd/apm-proto.h
index 867d0afbd70..166618e996f 100644
--- usr.sbin/apmd/apm-proto.h
+++ usr.sbin/apmd/apm-proto.h
@@ -38,6 +38,7 @@ enum apm_action {
SETPERF_LOW,
SETPERF_HIGH,
SETPERF_AUTO,
+   SETPERF_POWERSAVING,
 };
 
 enum apm_state {
@@ -51,6 +52,7 @@ enum apm_perfmode {
PERF_NONE = -1,
PERF_MANUAL,
PERF_AUTO,
+   PERF_POWERSAVING,
 };
 
 struct apm_command {
diff --git usr.sbin/apmd/apmd.c usr.sbin/apmd/apmd.c
index f29d5c9a081..cc2e026dc11 100644
--- usr.sbin/apmd/apmd.c
+++ usr.sbin/apmd/apmd.c
@@ -139,6 +139,10 @@ power_status(int fd, int force, struct apm_power_info 
*pinfo)
static struct apm_power_info last;
int acon = 0, priority = LOG_NOTICE;
 
+   int perfpol_mib[] = { CTL_HW, HW_PERFPOLICY };
+   char perfpol[32];
+   size_t perfpol_sz = sizeof(perfpol);
+
if (fd == -1) {
if (pinfo) {
bstate.battery_state = 255;
@@ -151,11 +155,18 @@ power_status(int fd, int force, struct apm_power_info 
*pinfo)
return 0;
}
 
+   if (sysctl(perfpol_mib, 2, perfpol, _sz, NULL, 0) == -1)
+   logmsg(LOG_INFO, "cannot read hw.perfpolicy");
+
if (ioctl(fd, APM_IOC_GETPOWER, ) == 0) {
/* various conditions under which we report status:  something changed
 * enough since last report, or asked to force a print */
-   if (bstate.ac_state == APM_AC_ON)
+   if (bstate.ac_state == APM_AC_ON) {
acon = 1;
+   if(strcmp(perfpol, "powersaving") == 0) 
setperfpolicy("auto");
+   } else
+   if(strcmp(perfpol, "auto") == 0) 
setperfpolicy("powersaving");
+
if (bstate.battery_state == APM_BATT_CRITICAL &&
bstate.battery_state != last.battery_state)
priority = LOG_EMERG;
@@ -282,6 +293,11 @@ handle_client(int sock_fd, int ctl_fd)
logmsg(LOG_NOTICE, "setting hw.perfpolicy to high");
setperfpolicy("high");
break;
+   case SETPERF_POWERSAVING:
+   reply.newstate = NORMAL;
+   logmsg(LOG_NOTICE, "setting hw.perfpolicy to powersaving");
+   setperfpolicy("powersaving");
+   break;
case SETPERF_AUTO:
reply.newstate = NORMAL;
logmsg(LOG_NOTICE, "setting hw.perfpolicy to auto");
@@ -299,8 +315,10 @@ handle_client(int sock_fd, int ctl_fd)
if (strcmp(perfpol, "manual") == 0 ||
strcmp(perfpol, "high") == 0) {
reply.perfmode = PERF_MANUAL;
-   } else if (strcmp(perfpol, "auto") == 0)
+   } else if (strcmp(perfpol, "auto") == 0) {
reply.perfmode = PERF_AUTO;
+   } else if (strcmp(perfpol, "powersaving") == 0)
+   reply.perfmode = PERF_POWERSAVING;
}
 
if (sysctl(cpuspeed_mib, 2, , _sz, NULL, 0) == -1) {
diff --git usr.sbin/apmd/apmsubr.c usr.sbin/apmd/apmsubr.c
index 6504fe823bb..a1dbcfb2c61 100644
--- usr.sbin/apmd/apmsubr.c
+++ usr.sbin/apmd/apmsubr.c
@@ -79,6 +79,8 @@ perf_mode(int mode)
return "manual";
case PERF_AUTO:
return "auto";
+   case PERF_POWERSAVING:
+   return "powersaving";
default:
return "invalid";
}


-- 
wbr, Kirill

Re: OpenSMTP lmtp without unix users

[Kirill A . Korinsky]

Greetings,

On Sat, 27 Apr 2024 17:31:24 +0200,
"Nicolas Goy"  wrote:
> 
> How can I make it work with a single vmail unix user? Without losing the
> catchall?
> 

I do have a bit more complicated setup.

smtpd.conf:

   table local-emails   file:/etc/mail/local-emails
   table aliasesfile:/etc/mail/aliases
   table domainsfile:/etc/mail/domains
   table credentialspasswd:/etc/mail/credentials

   ...

   listen on egress inet4 port smtp tls pki mx.catap.net \
  filter { admdscrub, "auth", dnsbl }

   action deliver_lmtp lmtp "/var/dovecot/lmtp" rcpt-to virtual 
   match from any for domain  \
 ! rcpt-to  action deliver_lmtp


so tables:

1. local-emails is a list of email which can be reached only inside mail
server. For example I like to have nice email for printer, but I don't like
when it start to recieve spam :)

2. credentials is shared with dovecot and has format:

  :::extra_fields

thus, usually I use short version:

  :::

where password is hash which I get via smtpctl encryp.

3. domains is just a list of supported domains. I don't really need it here,
but keep it because it is re-used inside DKIM signature generator.

4. alisases, it is usual alliases plus each user from credentials should
have record like:

  u...@email.com: vmail

to redirect his email to dovecot. No record here means user may send email
(auth on mail server) but never get anything back. And mail server says that
user do not exists which can be an issue for some servers.

-- 
wbr, Kirill

Re: mongo shell on openBSD

[Kirill A . Korinsky]

On Mon, 22 Apr 2024 17:40:22 +0200,
Luca Leone wrote:
> 
> I successfully installed the mongodb-4.4.2 package on the server which run 
> openBSD 7.4. It's the db of a node js app.
> Locally on my Mac, I interact with the local mongo db through the mongo 
> shell. I'd like to do the same on the server with the installed mongo db BUT 
> there's no "mongo shell" package and I could not find any doc explaining how 
> to install the mongo shell on openBSD. Is there a way? Or is there an 
> alternative way to interact directly with the db?
> 

Base on doc [1] you're looking for binary with name mongo which is part of
port mongodb version 44 [2]. So, I assume that if you install mongodb,
you'll have that you're looking for.

Footnotes:
[1]  https://www.mongodb.com/docs/v4.4/mongo/

[2]  https://github.com/openbsd/ports/blob/master/databases/mongodb/44/pkg/PLIST

-- 
wbr, Kirill

Re: syntax error in httpd.conf file

[Kirill A . Korinsky]

On Fri, 19 Apr 2024 13:30:47 +0200,
Luca Leone wrote:
> 
> I'll keep working on it, but after a couple of days spent on this stuff I'm 
> starting to think that maybe to serve my node app there should be an easier 
> way than openbsd ;)
>

I guess you mean someting like that?

  table  { 127.0.0.1 }

  http protocol https {
  match request header append "X-Forwarded-For" value "$REMOTE_ADDR"

  tls keypair birbi.biz:443
  pass request forward to 
  }

  relay https {
  listen on egress port https tls
  protocol https

  forward to  port 3000
  }

-- 
wbr, Kirill

Re: Migrate to different FS layout of OpenBSD

[Kirill A . Korinsky]

On Sun, 07 Apr 2024 12:02:05 +0200,
Stuart Henderson wrote:
> 
> softraid doesn't allow creating a 'degraded mirror' i.e. a single drive
> that you can later add another drive to make a RAID1. You would need at
> least one spare drive to do what you want.
> 

Thanks, that is a kind of inside which I've been looking for.

-- 
wbr, Kirill

Re: Migrate to different FS layout of OpenBSD

[Kirill A . Korinsky]

On Sat, 06 Apr 2024 23:14:39 +0200,
Peter Hessler wrote:
> 
> RAID0 is called that because zero is what you'll recover if you lose a
> disk.  This is amazingly dangerous, and you're going to have a bad time.
> 
> Do a backup, then restore from backup.
> 

I was totally misslead. I mean that I have RAID1 which is know as mirror.

To be clear: here a two identical servers where I'd like to change FS
layout, and before I go to reinstall everything, I can try this approach.

-- 
wbr, Kirill

Migrate to different FS layout of OpenBSD

[Kirill A . Korinsky]

Folks,

I'm looking for a way to migrate to different layout some OpenBSD systems.

All of them has RAID0 and as far as I think I may something like this:

1. Remove second disk from RAID.
2. Build a new RAID0 on the second disk.
3. Make desires layout on the second RAID.
4. dump | restore
5. Boot from the second RAID.
6. Add the first disk to the second RAID.

I have re-read https://www.openbsd.org/faq/faq14.html a few times and I
feel that this is quite risky.

So, questions:
1. Has anyone done something like this before?
2. Do you have any instruction or that to expect?

Thanks in advance.

-- 
wbr, Kirill

Re: Bash instead of ksh

[Kirill A . Korinsky]

On Mon, 01 Apr 2024 18:24:06 +0200,
Karel Lucas wrote:
> 
> Instead of ksh I want to use bash as a general shell. But how can I set
> it up that way? Bash is already installed.
> 

https://man.openbsd.org/chsh

-- 
wbr, Kirill

Re: Today's snapshot brokes some Qt app?

[Kirill A . Korinsky]

On Mon, 01 Apr 2024 04:03:11 +0200,
Lucas de Sena wrote:
> 
> Telegram-desktop (net/tdesktop) also crashed here after a package update.
> 
> I then noticed it was caused by linking issues with the qt6 libraries.
> Deleting and adding net/tdesktop simply solved that.
> 
> That should not be a problem tho.  Applications are normally reinstalled
> after the library is updated (or does that only happen when a major
> version of the library is installed?).

I'd like to confirm that reinstall of tdesktop helps.

Also, when I run an upgrade of packgages, I saw that wireshark was updated
after update of qt that may explains why did it work.

-- 
wbr, Kirill

Today's snapshot brokes some Qt app?

[Kirill A . Korinsky]

Folks,

I just run: pkg_add -D snap -u

After that I've discovered that some Qt apps are crashing with errors like:

  Cannot add multiple registrations for QtQuick
  Abort trap (core dumped) 

for example telegram-desktop crashes but wireshark doesn't.

-- 
wbr, Kirill

Touchpad stuck on click

[Kirill A . Korinsky]

Folks,

I have encountered a wired issue with touchpad: it stay in status similar to
pushed left button. I can move it, but I can't select anything.

If I make rigth click, it may clicks, or may ignore it.

I have no idea how to dig it, but it appears after move from 7.4 to
snapshot, and it's here for couple of weeks.

Hardware: Huawei Matebook X 2020

  ~ $ doas wsconsctl mouse
  mouse.type=touchpad
  mouse.rawmode=0
  mouse.scale=0,3643,0,2000,0,31,31
  mouse.reverse_scrolling=1
  mouse.tp.tapping=1,3,2
  mouse.tp.mtbuttons=1
  mouse.tp.scaling=0.221
  mouse.tp.swapsides=0
  mouse.tp.disable=0
  mouse.tp.edges=0.0,5.0,10.0,5.0
  ~ $ 

Rigth now it was reproduced on snapshot without any additional patches.

If you have any idea how to dig future, I'll appriciete that.

Thanks.

-- 
wbr, Kirill

Re: Camera or mic works on video calls, but not both

[Kirill A . Korinsky]

On Sun, 24 Mar 2024 02:45:16 +0100,
Sadeep Madurange wrote:
> 
> Then I tried Zoom on firefox (doesn't work with chromium at all). I can
> both see and hear the other party. They can hear me, but can't see my
> video. I see a warning on my end saying that it couldn't detect my
> camera.

As far as I recall zoom requries WebAssembly to work which is disabled by
default at chromiun. You may enable it by starting chromium with environment
variable ENABLE_WASM=1.

Keep in mind that you should close all it's processes, and not just run
command like `env ENABLE_WASM=1 chromium` because it uses IPC to open a new
window / frame from current process, if it exists. 

-- 
wbr, Kirill

Re: wireguard reconfiguration reliability

[Kirill Miazine]

• Страхиња Радић [2024-03-21 16:31]:

On 24/03/20 08:15AM, Kirill Miazine wrote:

#!/bin/sh
ifconfig wg1 | \
 grep wgaip | \
 awk '{print $2} ' | \
 grep /32$ | \
 sed 's/\/32//' | \
 sort | while read x; do
   ping -w 1 -c 1 $x 2>&1
done


Just FYI, you don't need backslashes (\) here, as the command ending with a
pipe is an incomplete pipeline. ;-)



ah, thanks a lot, good to know!

in this case I added escaped newlines when posting, i have all on one 
line, but I think i could have scripts where a pipe is followed by 
escaped newline. have to check that one.


i see some scripts in /etc also use escaped newlines after pipes:

root@stable ~ # grep -r '| \\$' /etc/
/etc/daily: baksize=`disklabel $bakdisk 2>/dev/null | \
/etc/daily: rootsize=`disklabel $rootdisk 2>/dev/null | \
/etc/weekly:echo "${UPDATEDB} --fcodes=-" | \

Re: wireguard reconfiguration reliability

[Kirill Miazine]

• Paul B. Henson [2024-03-20 15:43]:
> On Wed, Mar 20, 2024 at 09:56:06PM +0100, Kirill Miazine wrote:
> 
> > Like in this thread, I guess:
> > 
> > https://marc.info/?t=16964239631=1=2
> 
> Yes, that is likely the issue we're hitting. Seems last message is from
> 10/2023 and the issue wasn't resolved :(, so I guess it's a known
> problem with no solution on the horizon.
> 
> Next time I'll try your workaround of batching the commands up (ifconfig
> wg1 down; ifconfig wg1 delete; ifconfig wg1 destroy) rather than running
> one at a time and keep my fingers crossed I win the race condition :).

I could as well share how I reconfigure my wgpeers for wg1: I just
remove them all first and then re-add whatever is in /etc/hostname.wg1,
keeping the wg interface itself alone:

ifconfig wg1 -wgpeerall
grep ^wgpeer /etc/hostname.wg1|while read x;do ifconfig wg1 $x;done

> Thanks for the help...
> 

-- 
-- Kirill Miazine 

Re: wireguard reconfiguration reliability

[Kirill Miazine]

• Paul B. Henson [2024-03-20 21:14]:

On 3/20/2024 9:21 AM, Zack Newman wrote:


clients in rdomain(4) 0. Last week I ran ifconfig wg1 destroy, replaced
the wgkey and wgpsk for one of the three wgpeers in the second interface,
and ran sh /etc/netstart wg1. Once I did this, the server seemingly 
froze:


That's similar to what we see, although generally the entire server 
doesn't die, just the ifconfig command wedges and can't be killed, and 
the box can't be rebooted cleanly.


Like in this thread, I guess:

https://marc.info/?t=16964239631=1=2


Thanks for the feedback…

Re: wireguard reconfiguration reliability

[Kirill Miazine]

• Paul B. Henson [2024-03-20 20:38]:

On 3/20/2024 1:44 AM, Kirill Miazine wrote:


actually I checked, and I do use wgpka on clients, but not on the
server -- I don't remember why I didn't...


In our case the server is on an Internet accessible address, whereas the 
clients are behind a NAT firewall. We also have keepalives enabled on 
the clients (to maintain their NAT mapping) but not on the server (as if 
the client isn't sending its keepalives the server isn't going to get 
through anyway).


this decribes my setup more or less, but some "clients" have stable, 
routable, reachable addresses.


A scenario where it stops but then works again as soon as traffic is 
sent does kind of sound like a firewall or NAT timeout issue?  We don't 
have that problem, if we leave it completely alone it generally works 
indefinitely with no issues. It's just when we try to modify the 
configuration that things sometimes go sideways.


what makes flow stop is e.g. if server is rebooted, then clients 
wouldn't re-connect. it could also be that flushing wgpeers and then 
re-adding them also made clients go away.


again, I haven't spent much time debugging and can't guarantee that 
described behaviour is what really is going on: I noticed the issue and 
that ping would seemingly resolve it, so I just added pings everywhere.



Thanks for the data point…

Re: wireguard reconfiguration reliability

[Kirill Miazine]

• Lorenz (xha) [2024-03-20 09:29]:
[...]
> > I've seen some issues too, but has not identified a reproducible pattern.
> > What I've seen, however, is that WG packets start flowing when the other end
> > of the connection pings back, so in my setup with a central VPN server I
> > make it ping all the peers' WG IP adress periodically:
> > 
> > #!/bin/sh
> > ifconfig wg1 | \
> > grep wgaip | \
> > awk '{print $2} ' | \
> > grep /32$ | \
> > sed 's/\/32//' | \
> > sort | while read x; do
> >   ping -w 1 -c 1 $x 2>&1
> > done
> > 
> > and then each peer also pings the server's WG IP periodically.
> 
> i think that this is a different issue than the one paul has. are
> you aware that the "wgpka" option exists? (documented in ifconfig(8)).
> that might solve your problem.

could be a different issue FWIW.

yes, I am aware of and use wgpka, and yet the workaround still was
necessary.

Re: wireguard reconfiguration reliability

[Kirill Miazine]

Hi there

• Paul B. Henson [2024-03-20 05:40]:

We're using wireguard to set up VPN connections from various systems
deployed on-prem at customer sites to central openbsd boxes to route
internal traffic between the remote boxes and the internal network.

After a fresh reboot with a given configuration, everything works great.
The problem we have is when we later add or remove a remote system and
try to reconfigure the wireguard interface on the central servers.

Sometimes the new system just won't work, or oddly the new system works
fine but an existing system that was working breaks 8-/. When that
happens, we generally have to reboot it, at which point everything
works.


I've seen some issues too, but has not identified a reproducible 
pattern. What I've seen, however, is that WG packets start flowing when 
the other end of the connection pings back, so in my setup with a 
central VPN server I make it ping all the peers' WG IP adress periodically:


#!/bin/sh
ifconfig wg1 | \
grep wgaip | \
awk '{print $2} ' | \
grep /32$ | \
sed 's/\/32//' | \
sort | while read x; do
  ping -w 1 -c 1 $x 2>&1
done

and then each peer also pings the server's WG IP periodically.


Occasionally ifconfig on the wg interface just wedges completely. When
that happens, it won't reboot cleaning, we have to hard reset it.


I've seen lockups upon destroying wg interface, but not during normal 
operations (i.e. leaving wg alone).



Has anyone else seen this type of behavior? I'm not sure how common it
is to have regular ongoing changes to wireguard like we are doing, so it
might not pop up often.

Thanks much...

Re: Fwd: Disk encryption cipher

[Kirill A . Korinsky]

On Wed, 06 Mar 2024 10:40:31 +0100,
Daniele B. wrote:
> 
> Initially I blacklisted his ip. Then, understood the music, I started to find 
> its approaching intriguing.. ;D
> 

I wonder how did you blacklist someone by IP who sents his emails into
maillist? By parsing all Received headers to find some bad IP? Or?

-- 
wbr, Kirill

Re: how to external encrypted drive that supports OpenBSD and FreeBSD?

[Kirill A . Korinsky]

On Fri, 01 Mar 2024 18:08:39 +0100,
beecdadd...@danwin1210.de wrote:
> 
> that will do! is just backup! thank you very much

If you need only backup... why not use restic?

> what if it wasn't read-only and was active partition with writing?
> 

See https://www.openbsd.org/faq/faq14.html#softraid as anoter way.

-- 
wbr, Kirill

Re: mirror.bytemark.co.uk appears to have removed all OpenBSD content?

[Kirill A . Korinsky]

On Tue, 27 Feb 2024 14:59:32 +0100,
Kenneth Gober wrote:
> 
> Slightly off topic, but does anyone know of any archives that have
> packages for 3.0, 3.1, 3.2, and/or 3.3?  Especially 3.0 -- the only
> site I've ever found with 3.0 packages may have been incomplete.
>

https://mirror.leaseweb.com/pub/OpenBSD

whcih also has rsync mirror BTW

-- 
wbr, Kirill

Re: YubiKey blocked by pcscd(8)

[Kirill A . Korinsky]

On Tue, 27 Feb 2024 15:05:08 +0100,
Lévai, Dániel wrote:
> 
> Hi all,
> 
> I was wondering if it's possible to use a YubiKey 5 a bit more conveniently 
> if trying to use more than one of its features.
>

I use it for:
 - GnuPG signature and as SSH key;
 - a TOTP generator

See:

  ~ $ doas rcctl check pcscd  
  pcscd(ok)
  ~ $ ykman list

  WARNING: No OTP HID backend available. OTP protocols will not function.
  ERROR: Unable to list devices for connection
  YubiKey 5C Nano (5.1.0) [CCID] Serial: XXX
  ~ $ ykman oath accounts list | wc -l
  WARNING: No OTP HID backend available. OTP protocols will not function.
72
  ~ $

-- 
wbr, Kirill

Re: Automatic OS updates

[Kirill A . Korinsky]

On Wed, 21 Feb 2024 21:11:05 +0100,
Stuart Henderson wrote:
> 
> If you're using sysupgrade -s, you also want -Dsnap in pkg_add.
> 

After double check in man it seems not nessesary, let me quote:

 %c  Expands to the string "snapshots" when running a -current or -beta
 kernel, or if the command line option -D snap | -D snapshot is
 specified.  Otherwise, %c expands to %v, which selects a release
 version.

-- 
wbr, Kirill

Re: Automatic OS updates

[Kirill A . Korinsky]

On Wed, 21 Feb 2024 18:05:56 +0100,
b...@fea.st wrote:
> 
> FWIW if you guys want to yell at me for spreading bad ideas,
> I've posted how to do automatic updates here:
> 
> https://openbsd.pages.dev/auto-updates/
> 
> I'm both trying out the Hugo package and like, documenting
> how I've set things up in case I have to reinstall.
> 
> Time moves fast and I'm damn impressed by how smooth the
> BSD experience is.
> 

I suggest to add that regression may occure during an upgrade.

And personally, bug fixing a nigth upgrade is not something that I
prefer to do with morning coffee.

-- 
wbr, Kirill

Re: Block HTTP requests from non-browser clients

[Kirill A . Korinsky]

On Wed, 21 Feb 2024 14:57:29 +0100,
Sadeep Madurange wrote:
> 
> Is there a way to block non-browser clients from accessing a website
> (e.g., scraping attempts by bots or even software like Selenium that
> might programmatically control a browser), preferrably before the
> requests reach the webserver?
> 
> I'm wondering if there's a to do that with, for example, pf to block
> such requests completely rather than responding with a 403.
> 

Here the whole industry which is called Bot Managment which solves that
issue via analyzing request, offers to some edge cases captcha and so
on.

A trivial bot can be catch by regex against User-Agent, or via rate
limit. But more sophisticated ones need a lot of tools, which may
include things like crossing user agent with TLS-level extentions inside
Hello packet, checks against lists of blacklisted IPs and so on.

As far as I know the best public availabe list of "bad IP" is
https://www.blocklist.de/ which isn't full but allows to ban
automatically something. Thus, you may use spamd-setup in blocking mode
to fill pf rules via cron.

-- 
wbr, Kirill

Re: certbot in cron - best way?

[Kirill A . Korinsky]

Greetings,

On Tue, 20 Feb 2024 16:43:27 +0100,
m...@phosphorus.com.br wrote:
> 
> Which setup are you using to automatically update certs with certbot, in
> cron, and keeping /etc/httpd.conf updated accordingly?
> 

I use records in /etc/acme-client.conf like:

  authority letsencrypt {
  api url "https://acme-v02.api.letsencrypt.org/directory;
  account key "/etc/acme/letsencrypt-privkey.crt"
  }

  domain mx1.catap.net {
  alternative names { mx.catap.net }
  domain key "/etc/ssl/private/mx1.catap.net.key"
  domain full chain certificate "/etc/ssl/mx1.catap.net.crt"
  sign with letsencrypt
  }

which is very similar to an example with one notable exception: I use
path which complaint with relayd pki settings, and also keep full chain.

The certificates is updated on two possible way.

When a machine is dedicated for a single service and it has only one
certificate I keep inside /etc/daily.local

  acme-client $(hostname) && /usr/sbin/rcctl restart relayd smtpd dovecot

which restart relayed daemons when certificate is updated.

Or machine which is used as web hosting with multiple domain, here I use
relayd to terminate SSL and update is via /etc/daily.local as:

  SSL_UPDATED=0
  for domain in $(awk '/^domain/ { print $2 }' /etc/acme-client.conf)
  do
  acme-client $domain && SSL_UPDATED=1
  done

  if [ $SSL_UPDATED -ne 0 ]; then
  rcctl restart relayd
  fi

-- 
wbr, Kirill

Re: Ignore some USB devices

[Kirill A . Korinsky]

On Tue, 20 Feb 2024 00:21:30 +0100,
Stuart Henderson wrote:
>
> No - ugen acts as a fallback. If a USB device is claimed by another driver,
> ugen won't get a chance to attach to it.
>
> There is a common mechanism to recognise devices by vid/pid for special
> handling - sometimes to prevent attaching - sometimes for other adaptations
> which are needed. If you're interested, see sys/dev/usb/usb_quirks.c and look
> at how UQ_BAD_HID is used to knock out devices which would normally be
> claimed by uhid(4); you could use something similar to prevent e.g. uaudio
> from attaching to a certain device. However, it would require compiling
> the kernel to configure it.
>

Thanks, this is that I'm looking for.

I hope that I can do it without rebuilding the kernel, but after reading
some code around I see that adding a global flag to ignore some USB
devices makes code quite frigile. Or should be duplicated a lot.

--
wbr, Kirill

Re: Ignore some USB devices

[Kirill A . Korinsky]

On Mon, 19 Feb 2024 23:09:35 +0100,
Stuart Henderson wrote:
> 
> > I read that as it is impossible to blacklist a device, right?
> 
> Only by running a kernel where the driver's attach routine has been
> modified to skip attaching the device e.g. if it matches certain
> vendor/device id. OpenBSD doesn't have any other way to detach a USB
> driver from a device.
> 

As an alternative solution, is it possible to enforce ugen to specific
device by vendor and product IDs?

I've tried:

  $ doas config -e -o /bsd.new /bsd
  ukc> find ugen
  309 ugen* at uhub*|uhub* port -1 configuration -1 interface -1 vendor -1 
product -1 release -1 flags 0x0
  ukc> find uaudio
  303 uaudio* at uhub*|uhub* port -1 configuration -1 interface -1 vendor -1 
product -1 release -1 flags 0x0
  ukc> add ugen
  Device not complete number or * is missing
  ukc> add ugen*
  Clone Device (DevNo, 'q' or '?') ? 309
  Insert before Device (DevNo, 'q' or '?') ? 303
  303 ugen* at uhub*|uhub* port -1 configuration -1 interface -1 vendor -1 
product -1 release -1 flags 0x0
  ukc> change 303
  303 ugen* at uhub*|uhub* port -1 configuration -1 interface -1 vendor -1 
product -1 release -1 flags 0x0
  change [n] y
  port [-1] ?
  configuration [-1] ?
  interface [-1] ?
  vendor [-1] ? 0x041e
  product [-1] ? 0x3130
  release [-1] ?
  flags [0] ?
  303 ugen* changed
  303 ugen* at uhub*|uhub* port -1 configuration -1 interface -1 vendor 0x41e 
product 0x3130 release -1 flags 0x0
  ukc> find ugen*
  303 ugen* at uhub*|uhub* disable port -1 configuration -1 interface -1 vendor 
0x41e product 0x3130 release -1 flags 0x0
  310 ugen* at uhub*|uhub* port -1 configuration -1 interface -1 vendor -1 
product -1 release -1 flags 0x0
  ukc> quit
  Saving modified kernel.

with no luck.

-- 
wbr, Kirill

Re: Ignore some USB devices

[Kirill A . Korinsky]

On Mon, 19 Feb 2024 22:43:45 +0100,
Jan Stary wrote:
> 
> On Feb 19 22:33:53, kir...@korins.ky wrote:
> > 
> > I use the rsnd/1 or rsnd/2 to listen music via wireless headphones,
> 
> Why do you have two of those?
>

Because it depends on the order of attaching devices.

> > and rsnd/0 with wired headset to make video calls.
> > 
> > I never use display's audio and it creates only issue for me.
> 
> To be clear: even when you connect the display,
> presumably because you want to use it as a display
> (and maybe even its camera), you want the sound
> to stay at whatever snd device you are using;
> in particular, you don't want sndio to switch
> to the new snd device provided by the newly plugged
> display's uaudio.
> 
> Is there a setting in the display
> that would completely disable its audio?
>

No, this display hasn't got any settigns which I'm aware of.

See: LG UltraFine 5K

> > Let take two use cases:
> > 1. Listen some music when laptop is connected to the display on wireless
> >headphones by attaching USB dongle;
> > 2. Connect laptop to the display when listen some music on wireless
> >headphones via USB dongle.
> > 
> > The first one leads to rsnd/2 as desired device, and the second one to
> > rsnd/1 as desired device.
> > 
> > As side effect of (2) music might be redirect to the display which has
> > quite hight default level of volume.
> > 
> > So, right now to attach laptop to the screen and do not wake famly up at
> > the night I should:
> >  - pause the music;
> >  - deattach USB dongle;
> >  - connect laptop to the screen;
> >  - attach USB dongle;
> >  - and finaly resume music.
> 
> You could also detach-and-reattach the headphones dongle
> *after* you attach the display.
>

Yeah, it still to many things to do :(

> You could also send a dmesg showing all of those devies.
> 

attched

-- 
wbr, Kirill
OpenBSD 7.5-beta (GENERIC.MP) #39: Mon Feb 19 12:28:22 CET 2024

ca...@matebook.sa31-home.catap.net:/usr/src/sys/arch/amd64/compile/GENERIC.MP
real mem = 16890646528 (16108MB)
avail mem = 16357588992 (15599MB)
random: good seed from bootblocks
mpath0 at root
scsibus0 at mpath0: 256 targets
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 3.2 @ 0x8e2c2000 (32 entries)
bios0: vendor HUAWEI version "1.10" date 01/12/2023
bios0: HUAWEI EUL-WX9
efi0 at bios0: UEFI 2.7
efi0: XX rev 0x10010
acpi0 at bios0: ACPI 5.1
acpi0: sleep states S0 S3 S4 S5
acpi0: tables DSDT FACP UEFI SSDT SSDT SSDT SSDT SSDT TPM2 SSDT MSDM LPIT WSMT 
SSDT DBGP DBG2 SSDT NHLT HPET APIC MCFG SSDT SSDT DMAR FPDT BGRT
acpi0: wakeup devices XHC_(S3) XDCI(S4) HDAS(S4) RP01(S4) PXSX(S4) RP02(S4) 
PXSX(S4) RP03(S4) PXSX(S4) RP04(S4) PXSX(S4) RP05(S4) PXSX(S4) RP06(S4) 
PXSX(S4) RP07(S4) [...]
acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpihpet0 at acpi0: 2399 Hz
acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: Intel(R) Core(TM) i5-10210U CPU @ 1.60GHz, 3292.33 MHz, 06-8e-0c, patch 
00f8
cpu0: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,SDBG,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,ABM,3DNOWP,PERF,ITSC,FSGSBASE,TSC_ADJUST,SGX,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,MPX,RDSEED,ADX,SMAP,CLFLUSHOPT,PT,SRBDS_CTRL,MD_CLEAR,IBRS,IBPB,STIBP,L1DF,SSBD,SENSOR,ARAT,IBRS_ALL,SKIP_L1DFL,MDS_NO,MISC_PKG_CT,ENERGY_FILT,FB_CLEAR,RRSBA,GDS_CTRL,XSAVEOPT,XSAVEC,XGETBV1,XSAVES
cpu0: 32KB 64b/line 8-way D-cache, 32KB 64b/line 8-way I-cache, 256KB 64b/line 
4-way L2 cache, 6MB 64b/line 12-way L3 cache
cpu0: smt 0, core 0, package 0
mtrr: Pentium Pro MTRR support, 10 var ranges, 88 fixed ranges
cpu0: apic clock running at 24MHz
cpu0: mwait min=64, max=64, C-substates=0.2.1.2.4.1.1.1, IBE
cpu1 at mainbus0: apid 2 (application processor)
cpu1: Intel(R) Core(TM) i5-10210U CPU @ 1.60GHz, 3292.33 MHz, 06-8e-0c, patch 
00f8
cpu1: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,SDBG,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,ABM,3DNOWP,PERF,ITSC,FSGSBASE,TSC_ADJUST,SGX,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,MPX,RDSEED,ADX,SMAP,CLFLUSHOPT,PT,SRBDS_CTRL,MD_CLEAR,IBRS,IBPB,STIBP,L1DF,SSBD,SENSOR,ARAT,IBRS_ALL,SKIP_L1DFL,MDS_NO,MISC_PKG_CT,ENERGY_FILT,FB_CLEAR,RRSBA,GDS_CTRL,XSAVEOPT,XSAVEC,XGETBV1,XSAVES
cpu1: 32KB 64b/line 8-way D-cache, 32KB 64b/line 8-way I-cache, 256KB 64b/line 
4-way L2 cache, 6MB 64b/line 12-way L3 cache
cpu1: smt 0, core 1, package 0
cpu2 at mainbus0: apid 4 

Re: Ignore some USB devices

[Kirill A . Korinsky]

On Mon, 19 Feb 2024 22:32:18 +0100,
Jan Stary wrote:
> 
> So get some normal headphones that plug into the laptop
> (without creating a new device)
> and simply connect the display when you want,
> or don't connect it when you don't.
> 

I read that as it is impossible to blacklist a device, right?

-- 
wbr, Kirill

Re: Ignore some USB devices

[Kirill A . Korinsky]

On Mon, 19 Feb 2024 22:15:40 +0100,
Jan Stary wrote:
> 
> On Feb 19 22:08:40, kir...@korins.ky wrote:
> > On Mon, 19 Feb 2024 21:58:51 +0100,
> > Thomas L. wrote:
> > > 
> > > you can select which audio device is used with -f/-F flags to sndiod
> > > (details in man-page) in /etc/rc.conf.local. maybe that helps?
> > 
> > thanks, but I right now I do have:
> > 
> >   ~ $ rcctl get sndiod flags
> >   -f rsnd/0 -F rsnd/1 -F rsnd/2
> 
> Do you actualy want to switch between the three?
> What are the three audio devices you want to use, and why?

I use the rsnd/1 or rsnd/2 to listen music via wireless headphones,
and rsnd/0 with wired headset to make video calls.

I never use display's audio and it creates only issue for me.

>
> > that works almost fine, but requires to deattach USB dongle
> 
> What USB dongle?

Creative BT-W5

> 
> > before I connect laptop to the display.
> > If I forgot to do it, the display's audio will be rsnd/2 with priority.
> 
> What is the rsnd/2 you _want_?
> How does _detaching_ anything before the display attaches help that?
> 

Right now I do have 3 audio devices:
 - embeded inside laptop;
 - embeded inside display;
 - USB dongle to connect to bluetooth headphones.

The first one is always rsdn/0; and the next two depends on the order of
connection.

Let take two use cases:
1. Listen some music when laptop is connected to the display on wireless
   headphones by attaching USB dongle;
2. Connect laptop to the display when listen some music on wireless
   headphones via USB dongle.

The first one leads to rsnd/2 as desired device, and the second one to
rsnd/1 as desired device.

As side effect of (2) music might be redirect to the display which has
quite hight default level of volume.

So, right now to attach laptop to the screen and do not wake famly up at
the night I should:
 - pause the music;
 - deattach USB dongle;
 - connect laptop to the screen;
 - attach USB dongle;
 - and finaly resume music.

If I find the way to blacklist display's audio device, this can be as
simple as connect laptop to the display.

-- 
wbr, Kirill

Re: Ignore some USB devices

[Kirill A . Korinsky]

On Mon, 19 Feb 2024 21:58:51 +0100,
Thomas L. wrote:
> 
> you can select which audio device is used with -f/-F flags to sndiod
> (details in man-page) in /etc/rc.conf.local. maybe that helps?

thanks, but I right now I do have:

  ~ $ rcctl get sndiod flags
  -f rsnd/0 -F rsnd/1 -F rsnd/2
  ~ $

that works almost fine, but requires to deattach USB dongle before I
connect laptop to the display.

If I forgot to do it, the display's audio will be rsnd/2 with priority.


-- 
wbr, Kirill

Re: Ignore some USB devices

[Kirill A . Korinsky]

On Mon, 19 Feb 2024 20:34:10 +0100,
Nowarez Market wrote:
> 
> After all your list of *american gigs* missed only that OS.
> Just do a switch to Windows and you solved. Maybe...
> 

Well, I doubt that this display works well on Windows.

The first OS which supports it was macOS, but support of this display
isn't stable and if attach and deattach it often, the macOS may hang out
on some iteration :)

-- 
wbr, Kirill

Re: Ignore some USB devices

[Kirill A . Korinsky]

On Mon, 19 Feb 2024 20:10:46 +0100,
Nowarez Market wrote:
> 
> >Feb 19, 2024 19:46:21 Kirill A. Korinsky :
> >
> >I can't disable uaudio because I use it, and I can't uplug (physically)
> >the LG's Audio because it is integrated into the display which I'm
> >using.
> 
> Curious, what is the connection between your display audio that comes
> watched so magically by your station ?
> 
> Sorry for my investigation..but sometimes seems falks just miss Windows
> left click to unplug stuff..
> 

This is USB-C display and I connect my laptop to it via single USB-C
port.

This connection attach the display, the AC addpater, the USB hub, and
integrated video and audio.

If I can do not connect it, I won't ask about how to ban some devices.

-- 
wbr, Kirill

Re: Ignore some USB devices

[Kirill A . Korinsky]

On Mon, 19 Feb 2024 19:09:16 +0100,
deich...@placebonol.com wrote:
>
> You can enter the kernel on boot and disable device drivers,
> boot-config(8) .

I do have two USB audio device:

  ~ $ usbdevs  -v
  Controller /dev/usb0:
  ...
  addr 07: 043e:9a66 LG Electronics Inc., LG UltraFine Display Audio
   high speed, self powered, config 1, rev 0.03
   driver: uaudio0
  ...
  addr 13: 041e:3130 Creative, Creative BT-W5
   full speed, self powered, config 1, rev 10.00, iSerial 
D97E0B7F86B95AC32000
   driver: uhidev10
   driver: uhidev11
   driver: uaudio1
  ~ $ 

both of them is managed by uaudio. How can I dissable the first one,
without disabling the second one?

I can't disable uaudio because I use it, and I can't uplug (physically)
the LG's Audio because it is integrated into the display which I'm
using.

Ideally I'm looking for a syntax like:

  disable uaudio vendor 0x043e product 0x9a66

--
wbr, Kirill

Re: Ignore some USB devices

[Kirill A . Korinsky]

On Mon, 19 Feb 2024 17:10:27 +0100,
Nowarez Market wrote:
> 
> You should be able to do it by the /etc/bsd.re-config file, you can start 
> from here:
> 
> http://man.openbsd.org/bsd.re-config
> 
> Please be very careful.
> 
> (It needs two reboots to apply any change)
> 

I feel consfused: isn't it a way to exclude some module?

If yes, it isn't that I'm looking.

For example, I'm using USB audio, but I'd like to ban USB audio which is
included into my display, but not ban the module because if I do so, I
won't able to use USB audio dingle which I use to connect to wireless
headphones.

Right now I have:

  ~ $ usbdevs  
  Controller /dev/usb0:
  addr 01: 8086: Intel, xHCI root hub
  addr 02: 1050:0404 Yubico, YubiKey CCID
  addr 03: 13d3:56f2 Azurewave, USB camera
  addr 04: 8087:0026 Intel, Bluetooth
  addr 05: 043e:9a61 LG Electronics Inc., USB2.1 Hub
  addr 06: 043e:9a73 LG USA, product 0x9a73
  addr 07: 043e:9a66 LG Electronics Inc., LG UltraFine Display Audio
  addr 08: 043e:9a68 LG Electronlcs Inc., LG UltraFine Display Camera
  addr 09: 05ac:0265 Apple Inc., Magic Trackpad
  addr 10: 05ac:026c Apple Inc., Magic Keyboard with Numeric Keypad
  addr 11: 043e:9a70 LG Electronics Inc., LG UltraFine Display Controls
  addr 12: 0a12:4010 Cambridge Silicon Radio, product 0x4010
  addr 13: 041e:3130 Creative, Creative BT-W5
  ~ $

and I would like somehow to disable

  addr 07: 043e:9a66 LG Electronics Inc., LG UltraFine Display Audio
  addr 08: 043e:9a68 LG Electronlcs Inc., LG UltraFine Display Camera

but keeping

  addr 03: 13d3:56f2 Azurewave, USB camera
  addr 13: 041e:3130 Creative, Creative BT-W5

I've tried to play with config -e /bsd but the best that I can figure
out is how to disable uaudio, and not only one, specific, device.

-- 
wbr, Kirill

Ignore some USB devices

[Kirill A . Korinsky]

Folks,

I run OpenBSD and some times connect an external display which contains
integraded web cam, microphone and speakers.

Web-cam doesn't work, but both microphone and speakers work.

Is it possible to ignore it somehow?

Ideally I'm for a black list of usb divecs base on some id.

Thanks.

-- 
wbr, Kirill

Re: sysupgrade fails firmware fetch

[Kirill A . Korinsky]

On Sun, 18 Feb 2024 10:57:27 +0100,
Stuart Henderson wrote:
> 
> It's not too bad as long as the person building firmware tgz gets a
> heads-up before the version number is updated.
> 

Specially that right now it still can be run as:

  env VERSION=74 fw_update -p http://firmware.openbsd.org/firmware/snapshots

I do not say that is good, but it isn't a disaster.

Special for guys who runs on development snapshots.

-- 
wbr, Kirill

Re: sysupgrade fails firmware fetch

[Kirill A . Korinsky]

On Sat, 17 Feb 2024 22:27:52 +0100,
Sonic wrote:
> 
> Seems it's looking for a 7.5 directory (-current apparently just moved
> to 7.5-beta) instead of the snapshot directory.
> 

And using snapshot directory fails because wrong signature:

  ~ $ doas fw_update -p http://firmware.openbsd.org/firmware/snapshots 
  fw_update: failed.
  signify: verification failed: checked against wrong key
  Signature check of SHA256.sig failed
  ~ $ 

-- 
wbr, Kirill

Re: Improve support of Go

[Kirill A . Korinsky]

On Thu, 15 Feb 2024 15:09:01 +0100,
Joel Sing wrote:
>
> The operating system specific parts of the Go syscall package are effectively
> deprecated/frozen (and have been for nearly 10 years, hence not being 
> updated):
>
>   https://pkg.go.dev/syscall
>
>   
> https://go.googlesource.com/proposal/+/refs/heads/master/design/freeze-syscall.md
>
> On the other hand, golang.org/x/sys/unix is maintained and updated
> semi-regularly:
>
>   https://pkg.go.dev/golang.org/x/sys/unix
>
> With the exception of the OpenBSD syscall numbers:
>
>   
> https://cs.opensource.google/go/x/sys/+/master:unix/zsysnum_openbsd_amd64.go;l=8
>

Anyway, some systems are rebuild qutie often. For example Solaris [1] or FreeBSD
[2]. And current state of syscall numbers for OpenBSD misses a lot [3].

Here my point: it is deprected, but still in use for some large applications
like Docker, and we have two options here: (1) update it / fix it in Go, (2)
patch each application by replacing Syscall.EBADMSG for example [4]. From my
point of view move by (1) seems the simpler way which allows to reduce number of
hacks / patches in ports.

Footnotes:
[1]  
https://github.com/golang/go/commit/ea14b633627f467a2e35eb7f67df6f3ed60469c0

[2]  https://go-review.googlesource.com/c/go/+/563835

[3]  https://github.com/catap/go/commit/c9cb73913d79e490f167ff1c0a651d69c700f02a

[4]  https://github.com/search?q=repo%3Aopenbsd%2Fports%20EBADMSG=code

--
wbr, Kirill

Re: Improve support of Go

[Kirill A . Korinsky]

On Tue, 13 Feb 2024 13:10:44 +0100,
Janne Johansson wrote:
> 
> I can run them on mips64 for you at least.
> 

I'll appriciete this. After that I only need
 - arm
 - arm64
 - ppc64
 - riscv64

Can you run something like this?

  doas pkg_add bash git go
  git clone -b opebsd-syscalls https://github.com/catap/go.git
  cd go/src
  ulimit -S -d $(ulimit -H -d)
  env CGO_ENABLED=1 CC=cc CXX=c++ ./make.bash
  cd syscall
  env GOOS=openbsd GOARCH=%ARCH% CC=cc CXX=c++ PATH=$(pwd)/../../bin:$PATH 
./mkall.sh
  git diff > /tmp/go-mips64.diff

and send me back /tmp/go-mips64.diff?

But it requires some time to bootstrap go and everything. Inside full
virtulization for i386 it works near an hour on not that fast host.

I assume that on real mips64 it might be something like this.

-- 
wbr, Kirill

Improve support of Go

[Kirill A . Korinsky]

Good day,

I'm updating go's syscall table to modern OpenBSD (7.4).

For some architectures it was updated more than decade ago, and a lot of things
had changed.

To do it I need to run commands like:

  cd src
  ulimit -S -d $(ulimit -H -d)
  env CGO_ENABLED=1 CC=cc CXX=c++ ./make.bash
  cd syscall
  env GOOS=openbsd GOARCH=%ARCH% CC=cc CXX=c++ PATH=$(pwd)/../../bin:$PATH 
./mkall.sh

where %ARCH% is one of go's architecutres:
 - 386
 - amd64
 - arm
 - arm64
 - mips64
 - ppc64
 - riscv64

The part with amd64 and 386 was quite easy. But the next parts... well..

I stuck with attempt to install OpenBSD into qemu. I can't figure out how to
boot an installer :(

To move forward I need some help.

The first way if someone can share the way to boot / install OpenBSD into qemu.

And an alternative and simpler way I guess, if someone can grand me shell to
that machine or run commands above on OpenBSD with installed go inside source
tree from this branch: https://github.com/catap/go/tree/opebsd-syscalls

Thanks.

--
wbr, Kirill

Re: -current firefox segfault: pledge "", syscall 289

[Kirill Miazine]

here's how I can reproduce it here -- just by opening 
https://domene.shop/login page and waiting some seconds:


$ firefox https://domene.shop/login
Exiting due to channel error.
Exiting due to channel error.
Exiting due to channel error.
Exiting due to channel error.
Crash Annotation GraphicsCriticalError: |[C0][GFX1-]: 
CompositorBridgeChild receives IPC close with reason=AbnormalShutdown 
(t=5.06002) [GFX1-]: CompositorBridgeChild receives IPC close with 
reason=AbnormalShutdown

Exiting due to channel error.
Abort trap (core dumped)

should mention that this is inside Xvnc, and vnc logs has additional 
error line:


PCRE2 library was built without JIT support

maybe Xvnc -- or PCRE -- are somehow contributing here

• Kirill Miazine [2024-01-26 16:23]:

Most recent package on amd64 snapshot from yesterday:

OpenBSD 7.4-current (GENERIC.MP) #1625: Thu Jan 25 09:16:39 MST 2024

gdb says

[...]
#0  shmget () at /tmp/-:2
2   /tmp/-: No such file or directory.
 in /tmp/-

-current firefox segfault: pledge "", syscall 289

[Kirill Miazine]

Most recent package on amd64 snapshot from yesterday:

OpenBSD 7.4-current (GENERIC.MP) #1625: Thu Jan 25 09:16:39 MST 2024

gdb says

[...]
#0  shmget () at /tmp/-:2
2   /tmp/-: No such file or directory.
in /tmp/-

Re: How to access Xauthority for VNC Server

[Kirill Miazine]

Hello there

• Adam Retter [2024-01-02 23:14]:
> Apologies but I am a little bit unclear about how X authfiles should
> work in OpenBSD.
> 
> I have started with a fresh OpenBSD 7.4 install, and I opted to
> install the X Window System. My goal is to be able to export my
> display over VNC as I have no access to the mouse and keyboard of the
> machine.
> 
> I have installed the VNC Server software by running as root - pkg_add tigervnc
> 
> To be able to run the VNC Server, it needs access to the X Authority
> file. I want to ideally run the VNC Server under a non-root account. I
> have found an authority file under /etc/X11/xenodm/authdir/authfiles/
> however its name seems to be randomly decided each time xenodm is
> started during System boot. For example at present it is
> /etc/X11/xenodm/authdir/authfiles/A:0-r4dlnM but that will change if
> the system is rebooted.
> 
> To run the VNC Server, I think I need to execute something like the
> following command:
> 
> XAUTHORITY=/etc/X11/xenodm/authdir/authfiles/A:0-r4dlnM x0vncserver
> -display :0 -PasswordFile ~/.vnc/passwd
> 
> It is not clear to me how I can set this up so that x0vncserver can
> access the correctly named auth file each time the machine restarts,
> and also under which account it would be considered best practice to
> run x0vncserver... Should I run it under my user account, the `_x11`
> account, or an account created just for that purpose?
> Ideally the VNC Server would start during system startup also.
> 
> I also note that the auth files such as
> /etc/X11/xenodm/authdir/authfiles/A:0-r4dlnM are owned by the `_x11`
> account and group, and are only readable by the owner (mode 0600).
> 
> Please advise on the best way to set this up?

You might want to look at Xvnc rather than x0vncserver. Xvnc is started
by vncserver, which you can run as your normal user.

> Kind regards. Adam.

Here's a setup that used to work at some point, it could give you some
ideas. Note how vncserver is started in the user's tmux session -- this
way I can attach to it and see what is going on.

To run at startup, you could either add a line to rc.local, or (ab)use
crontab's @reboot facility.

In /etc/rc.local

echo -n ' VNC'
su -l  -c '/home//bin/runxvnc.sh 2>&1' >/dev/null &

Then in /home//bin/runxvnc.sh

#!/bin/sh
tmux new-session -d -s Xvnc \
  /usr/local/bin/vncserver :2 \
-geometry 1920x1080 \
-depth 32 \
-fg \
-xstartup ~/.vnc/xstartup \
  -interface 127.0.0.1 \
  -rfbport 5901 \
  -rfbauth ~/.vnc/passwd \
  -alwaysshared

And in ~/.vnc/xstartup

#!/bin/sh
unset SESSION_MANAGER
unset DBUS_SESSION_BUS_ADDRESS
[ -r $HOME/.Xresources ] && xrdb $HOME/.Xresources
export LC_CTYPE="en_US.UTF-8"
/usr/local/bin/startxfce4


> -- 
> Adam Retter
> 
> skype: adam.retter
> tweet: adamretter
> http://www.adamretter.org.uk
> 

-- 
-- Kirill Miazine 

Re: Run VM with 16G or more?

[Kirill A. Korinsky]

And one more noticed bug in vmd regarding memory.

If I changed memory in /etc/vm.conf for running machine, run rcctl reload vmd,
and restart VM... It has no effect.

The VM should be shutdown before reload.

--
wbr, Kirill

Re: Run VM with 16G or more?

[Kirill A. Korinsky]

> On 2. Jan 2024, at 19:58, Kirill A. Korinsky  wrote:
> 
> Anyway, right now it fails as:
> 
>> vmctl: start vm command failed: Invalid argument
> 
> and if I revert may changes (to 10G for example) at cat /etc/login.conf.d/vmd 
> from:
>> vmd:\
>>  :datasize=100G:\
>>  :tc=daemon:
> 
> 
> it's failed as (which is expected):
>> vmctl: start vm command failed: Cannot allocate memory
> 
> 

Forgotten log for the error "Invalid argument" that says nothing I assume

> Jan  2 20:14:07 island vmd: vmd: config_setvm: vm 3 restarted after 11.346817 
> seconds, limit 0/3
> Jan  2 20:14:07 island vmd: vmd: vm_opentty: vm podman tty /dev/ttyp2 uid 
> 1000 gid 4 mode 620
> Jan  2 20:14:07 island vmd: vmm: vm_register: registering vm 3
> Jan  2 20:14:07 island vmd: vmm: vm_remove: vmm vmm_start_vm removing vm 3 
> from running config
> Jan  2 20:14:07 island vmd: vmm: vm_stop: vmm vmm_start_vm stopping vm 3
> Jan  2 20:14:07 island vmd: vmd: podman: failed to start vm
> Jan  2 20:14:07 island vmd: vmd: vm_stop: vmd vmd_dispatch_vmm stopping vm 3
> Jan  2 20:14:07 island vmd: vmm: vmm_sighdlr: handling signal 20


--
wbr, Kirill

Re: Run VM with 16G or more?

[Kirill A. Korinsky]

> On 2. Jan 2024, at 20:13, Mischa  wrote:
> 
> On 2024-01-02 19:58, Kirill A. Korinsky wrote:
>>> On 2. Jan 2024, at 19:17, Dave Voutila  wrote:
>>>> vmd: failed to start vm podman
>>>> vmd: vm_stop: vmd config_setvm stopping vm 3
>>>> This machine runs 4 more VM and this one (huge) should be 5th.
>>> Try this:
>>> # cd /dev && sh MAKEDEV tap4
>>> By default I believe on amd64 we create tap[0-3]. You might need to
>>> define additional special files to represent 4+ taps.
>> I really think that this should be documented at 
>> https://www.openbsd.org/faq/faq16.html 
>> <https://www.openbsd.org/faq/faq16.html>
> 
> It's in man vm.conf, to an extend:
> 
> CAVEATS
> Each guest requires one tap(4) device per assigned interface and one
> pty(4) device.  Administrators may need to create additional devices
> using MAKEDEV(8).

ok, I agree that this is documented.  But not original issue with memory.

--
wbr, Kirill

Re: Run VM with 16G or more?

[Kirill A. Korinsky]

> On 2. Jan 2024, at 19:17, Dave Voutila  wrote:
> 
>> vmd: failed to start vm podman
>> vmd: vm_stop: vmd config_setvm stopping vm 3
>> 
>> This machine runs 4 more VM and this one (huge) should be 5th.
> 
> Try this:
> 
> # cd /dev && sh MAKEDEV tap4
> 
> By default I believe on amd64 we create tap[0-3]. You might need to
> define additional special files to represent 4+ taps.

I really think that this should be documented at 
https://www.openbsd.org/faq/faq16.html <https://www.openbsd.org/faq/faq16.html>

Anyway, right now it fails as:

> vmctl: start vm command failed: Invalid argument

and if I revert may changes (to 10G for example) at cat /etc/login.conf.d/vmd 
from:
> vmd:\
>   :datasize=100G:\
>   :tc=daemon:


it's failed as (which is expected):
> vmctl: start vm command failed: Cannot allocate memory


--
wbr, Kirill

Re: Run VM with 16G or more?

[Kirill A. Korinsky]

> On 2. Jan 2024, at 18:41, Dave Voutila  wrote:
> "Kirill A. Korinsky"  writes:

>> vmctl -v start... doesn't help a bit
> 
> How much physicaly memory does the host machine have? We currently don't
> allow oversubscribing memory with vmm/vmd. If the host only has 16GB
> that could be the cause.

hw.physmem=137257779200
hw.usermem=133537726464

and machine is used only for run VMs.

> If that's not the case, can you run vmd in debug mode and get the log
> output?

Sure, I run /usr/sbin/vmd -vvv -d and the error is:

vmd: config_setvm: vm 3 restarted after 9.757221 seconds, limit 0/3
vmd: config_setvm: can't open tap tap
vmd: failed to start vm podman
vmd: vm_stop: vmd config_setvm stopping vm 3

This machine runs 4 more VM and this one (huge) should be 5th.

--
wbr, Kirill

Re: Run VM with 16G or more?

[Kirill A. Korinsky]

> On 2. Jan 2024, at 12:07, Kirill A. Korinsky  wrote:
> 
> Confirmed that it is:
> 
> island$ grep '^vmd:' -A 2 /etc/login.conf
> vmd:\
>   :datasize=16384M:\
>   :tc=daemon:
> island$


Wel.. after that changes error has been changed to:

> vmctl: start vm command failed: Unknown error: -1


vmctl -v start... doesn't help a bit

--
wbr, Kirill

Re: Run VM with 16G or more?

[Kirill A. Korinsky]

> On 2. Jan 2024, at 08:58, Janne Johansson  wrote:
> 
> Den mån 1 jan. 2024 kl 21:44 skrev Kirill A. Korinsky :
>> 
>> How can I run a VM with more than 16G of memory?
>> A naive approach fails with error:
>>> vmctl: start vm command failed: Cannot allocate memory
>> 
>> Yes, the host machine has that memory and much more.
> 
> Check datasize in ulimits as set by the shell and login.conf for the
> user that the VM runs as.
> 

Confirmed that it is:

island$ grep '^vmd:' -A 2 /etc/login.conf
vmd:\
:datasize=16384M:\
:tc=daemon:
island$

Thanks!

--
wbr, Kirill

Run VM with 16G or more?

[Kirill A. Korinsky]

Greetings,

How can I run a VM with more than 16G of memory?

A naive approach fails with error:

> vmctl: start vm command failed: Cannot allocate memory


Yes, the host machine has that memory and much more.

--
wbr, Kirill

Re: access errors following faq/current.html instructions

[Kirill A. Korinsky]

> On 31. Dec 2023, at 20:20, Chenguang Wang  wrote:
> 
> (I assumed these commands are expected to be executed as root.)


Yep, and provided link contains this note:

> Most of these changes will have to be performed as root.

--
wbr, Kirill

Re: Recovery binary from lost+found

[Kirill A. Korinsky]

> On 31. Dec 2023, at 15:49, Otto Moerbeek  wrote:
> 
> There are toos like objdump and readelf that can tell you more, but
> just removing them is likely best. Object files can always be
> re-created on an open-source system.


I've run:

> island$ tar -ztvf base74.tgz | awk '{print $9}' | while read f; do doas test 
> -e /$f || echo "missed $f"; done
> missed ./usr/share/relink/kernel.tgz
> island$

that confirms your point that it should be just removed.

--
wbr, Kirill

Re: Recovery binary from lost+found

[Kirill A. Korinsky]

> On 31. Dec 2023, at 11:02, Otto Moerbeek  wrote:
> 
> Amongst other things, fsck_ffs(8) looks for inodes not mentioned in
> any directory, i.e. files that are orphans. fsck_ffs links those files
> into the lost+found dir, using the inode number for a name.


sounds like just remove it and forgot, isn't it?

> 
> Try to figure the contents of the file, using e.g. file(1) or
> hexdump(1). On success, just move the files to the right place with
> the right name. Often you'll find that those files are not longer
> useful, in that case  just remove them from lost+found.


As was said before this is binary files:

island# file *
#1866245: ELF 64-bit LSB shared object, x86-64, version 1
#2021828: ELF 64-bit LSB shared object, x86-64, version 1
island#

and it has quite different size:

island# ls -la
total 7912
-r--r--r--   1 root  bin3680832 Dec 31 00:30 #1866245
-r--r--r--   1 root  bin 317600 Dec 31 00:30 #2021828
drw--T   2 root  wheel  512 Dec 31 01:10 .
drwxr-xr-x  16 root  wheel  512 Dec 31 01:27 ..
island#

an attempt to run it leads to crash, yes I've tried move to bin.

--
wbr, Kirill

Recovery binary from lost+found

[Kirill A. Korinsky]

Greetings,

How can I recovery binary files from lost+found?

I have:
island$ doas ls -l /usr/lost+found
total 7904
-r--r--r--  1 root  bin  3680832 Dec 31 00:30 #1866245
-r--r--r--  1 root  bin   317600 Dec 31 00:30 #2021828
island$

--
wbr, Kirill

Re: OpenBSD 7.2 on VPS, routing via IPv6 gateway outside of interface prefix

[Kirill Miazine]

• Michal Šmucr [2022-11-08 01:30]:
> >
> > I'm sorry, I wasn't thinking very well.
> >
> > Have you tried using fe80::1%vio0 as the default IPv6 gateway?
> >
> 
> No need to be sorry, I am grateful for any ideas :)

Maybe you will find some further ideas in dmesg or /var/log/messages?

Re: OpenBSD 7.2 on VPS, routing via IPv6 gateway outside of interface prefix

[Kirill Miazine]

• Michal Šmucr [2022-11-08 00:09]:
> Thank you very much for the reply, Kirill.
> 
> > > try with
> > >
> > > route add -inet6 2001:db8:efef::1 -llinfo -link -static -iface vio0
> >
> > ... that is, try the above before you try to add 2001:db8:efef::1 as
> > default gateway.
> 
> I already tested something similar in my previous attempts with flags
> and link, but it also didn't work.

I'm sorry, I wasn't thinking very well.

Have you tried using fe80::1%vio0 as the default IPv6 gateway?

Re: OpenBSD 7.2 on VPS, routing via IPv6 gateway outside of interface prefix

[Kirill Miazine]

• Kirill Miazine [2022-11-07 13:36]:
[...]
> > $ ifconfig vio0 inet6 2001:db8:efef::d9e:18d2:b761:0/121
> > $ route add -inet6 default 2001:db8:efef::1
> > add net default: gateway 2001:db8:efef::1: Network is unreachable
> 
> try with
> 
> route add -inet6 2001:db8:efef::1 -llinfo -link -static -iface vio0

... that is, try the above before you try to add 2001:db8:efef::1 as
default gateway.

-- 
-- Kirill Miazine 

Re: OpenBSD 7.2 on VPS, routing via IPv6 gateway outside of interface prefix

[Kirill Miazine]

• Michal Šmucr [2022-11-07 13:02]:
[...]
> Hello to all,
> 
> I'm looking for possible opinions or advice regarding IPv6 setup at new VPS.
> Probably the most common approach is a VPS provider gives you /64
> prefix length with gateway within the subnet.
> Works everywhere, it's also the smallest usable prefix length for use
> with SLAAC.
> However in this case, the VPS has /121 prefix length and its gateway
> is outside of the subnet.
> Something like this:
> VPS IP: 2001:db8:efef::d9e:18d2:b761:0/121
> GW: 2001:db8:efef::1/48
[...]
> On OpenBSD I tried..
> 
> $ ifconfig vio0 inet6 2001:db8:efef::d9e:18d2:b761:0/121
> $ route add -inet6 default 2001:db8:efef::1
> add net default: gateway 2001:db8:efef::1: Network is unreachable

try with

route add -inet6 2001:db8:efef::1 -llinfo -link -static -iface vio0

> Well, that sounds logical. So I tried to tell how to reach the gateway first.
> It should be directly accessible, so after few failed attempts and
> digging in man page
> I thought the -iface modifier with the local address of the interface
> as destination should do the trick.
> $ route add -inet6 2001:db8:efef::1 2001:db8:efef::d9e:18d2:b761:0 -iface
> $ ping6 2001:db8:efef::1
> PING 2001:db8:efef::1 (2001:db8:efef::1): 56 data bytes
> ping6: sendmsg: Invalid argument
> 
> ehh.. no dice
> I tried a couple of other things, like adding an additional network
> route to /48 prefix, and experimenting with some additional flags,
> when adding. But it never worked.
> 
> Is it impossible to achieve?
> Like without the equivalent of Linux noprefixroute option, there will
> always be an already automatically declared offending route.
> Or do I have some mistakes there?
> 
> Thank you,
> 
> Michal
> 

-- 
-- Kirill Miazine 

Re: azalia: no sound

[Kirill Kaplin]

> On Mon, May 02, 2022 at 02:47:45PM +0300, Kirill Kaplin wrote:
 >> > OpenBSD detected 3 sound cards for you. From what I recall, the one on
 >> > the HDMI video output (associated to your video card) is not
 >> > supported, so no sound there.
 >> > Maybe the sound goes to your envy0, ESI Julia sound card. Could you
 >> > check with some phones or speakers?
 >> Sound goes to Realtek if I do nothing (currently it goes to envy thanks to
 >> sndio flags), I tried every output, nothing helps.
 >> 

> I've a very similar machine with both the same Realtek ALC892 codec
> and the ESI-Julia card.

> I just connected amplifier to the green jack and it makes sound when I
> play sounds using azalia, with the default settings.

> According to your mixerctl output, your're using the green jack (aka
> line-out) as well; your audioctl tests show that the azalia host
> works. So I'm very surprised it doesn't work for you

> Could you check the physical connections? Could you try to set the
> outputs.master to the maximum? Do you know of ther operating systems
> manage to make sounds?

It doesn't work under Win7, I just check... So, no reason to worry.
-- 
http://nightbbs.ru

Re: azalia: no sound

[Kirill Kaplin]

> OpenBSD detected 3 sound cards for you. From what I recall, the one on
> the HDMI video output (associated to your video card) is not
> supported, so no sound there.
> Maybe the sound goes to your envy0, ESI Julia sound card. Could you
> check with some phones or speakers?
Sound goes to Realtek if I do nothing (currently it goes to envy thanks to
sndio flags), I tried every output, nothing helps.

> As for the Realtek one, it looks like 5.1 or 7.1 outputs. Can you tell
> where you did connect the phones or speakers?
> Also you can check the sndiod setup where I am no expert.

-- 
http://nightbbs.ru

azalia: no sound

[Kirill]

Hello.

My problem: no sound on azalia,
My dmesg:
OpenBSD 7.1-current (GENERIC.MP) #485: Thu Apr 28 09:39:27 MDT 2022
dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP
real mem = 8534949888 (8139MB)
avail mem = 8258949120 (7876MB)
random: good seed from bootblocks
mpath0 at root
scsibus0 at mpath0: 256 targets
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 2.6 @ 0xeb5c0 (104 entries)
bios0: vendor American Megatrends Inc. version "3603" date 11/09/2012
bios0: ASUSTeK Computer INC. P8Z68-V GEN3
acpi0 at bios0: ACPI 4.0
acpi0: sleep states S0 S1 S3 S4 S5
acpi0: tables DSDT FACP APIC MCFG HPET SSDT SSDT SSDT BGRT
acpi0: wakeup devices P0P1(S4) RP01(S4) PXSX(S4) RP02(S4) PXSX(S4)
RP03(S4) PXSX(S4) RP04(S4) PXSX(S4) RP05(S4) PXSX(S4) RP06(S4)
PXSX(S4) RP08(S4) PXSX(S4) PEG0(S4) [...]
acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz, 3411.60 MHz, 06-3a-09
cpu0:
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,RDTSCP,LONG,LAHF,PERF,ITSC,FSGSBASE,SMEP,ERMS,MD_CLEAR,IBRS,IBPB,STIBP,L1DF,SSBD,SENSOR,ARAT,XSAVEOPT,MELTDOWN
cpu0: 256KB 64b/line 8-way L2 cache
cpu0: smt 0, core 0, package 0
mtrr: Pentium Pro MTRR support, 10 var ranges, 88 fixed ranges
cpu0: apic clock running at 100MHz
cpu0: mwait min=64, max=64, C-substates=0.2.1.1, IBE
cpu1 at mainbus0: apid 2 (application processor)
cpu1: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz, 3411.13 MHz, 06-3a-09
cpu1:
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,RDTSCP,LONG,LAHF,PERF,ITSC,FSGSBASE,SMEP,ERMS,MD_CLEAR,IBRS,IBPB,STIBP,L1DF,SSBD,SENSOR,ARAT,XSAVEOPT,MELTDOWN
cpu1: 256KB 64b/line 8-way L2 cache
cpu1: smt 0, core 1, package 0
cpu2 at mainbus0: apid 4 (application processor)
cpu2: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz, 3411.13 MHz, 06-3a-09
cpu2:
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,RDTSCP,LONG,LAHF,PERF,ITSC,FSGSBASE,SMEP,ERMS,MD_CLEAR,IBRS,IBPB,STIBP,L1DF,SSBD,SENSOR,ARAT,XSAVEOPT,MELTDOWN
cpu2: 256KB 64b/line 8-way L2 cache
cpu2: smt 0, core 2, package 0
cpu3 at mainbus0: apid 6 (application processor)
cpu3: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz, 3411.13 MHz, 06-3a-09
cpu3:
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,RDTSCP,LONG,LAHF,PERF,ITSC,FSGSBASE,SMEP,ERMS,MD_CLEAR,IBRS,IBPB,STIBP,L1DF,SSBD,SENSOR,ARAT,XSAVEOPT,MELTDOWN
cpu3: 256KB 64b/line 8-way L2 cache
cpu3: smt 0, core 3, package 0
ioapic0 at mainbus0: apid 2 pa 0xfec0, version 20, 24 pins
acpimcfg0 at acpi0
acpimcfg0: addr 0xf800, bus 0-63
acpihpet0 at acpi0: 14318179 Hz
acpiprt0 at acpi0: bus 0 (PCI0)
acpiprt1 at acpi0: bus -1 (P0P1)
acpiprt2 at acpi0: bus 3 (RP01)
acpiprt3 at acpi0: bus 4 (RP02)
acpiprt4 at acpi0: bus -1 (RP03)
acpiprt5 at acpi0: bus 5 (RP04)
acpiprt6 at acpi0: bus 6 (RP05)
acpiprt7 at acpi0: bus -1 (RP06)
acpiprt8 at acpi0: bus -1 (RP08)
acpiprt9 at acpi0: bus 1 (PEG0)
acpiprt10 at acpi0: bus 2 (PEG1)
acpiprt11 at acpi0: bus -1 (PEG2)
acpiprt12 at acpi0: bus -1 (PEG3)
acpiprt13 at acpi0: bus 7 (RP07)
acpiprt14 at acpi0: bus 8 (PXSX)
acpiec0 at acpi0
acpiec at acpi0 not configured
acpipci0 at acpi0 PCI0: 0x0004 0x0011 0x0001
acpicmos0 at acpi0
"pnp0c14" at acpi0 not configured
acpibtn0 at acpi0: PWRB
"PNP0C0B" at acpi0 not configured
"PNP0C0B" at acpi0 not configured
"PNP0C0B" at acpi0 not configured
"PNP0C0B" at acpi0 not configured
"PNP0C0B" at acpi0 not configured
"PNP0C14" at acpi0 not configured
acpicpu0 at acpi0: C3(350@80 mwait.1@0x20), C2(500@59 mwait.1@0x10), C1(1000@1 
mwait.1), PSS
acpicpu1 at acpi0: C3(350@80 mwait.1@0x20), C2(500@59 mwait.1@0x10), C1(1000@1 
mwait.1), PSS
acpicpu2 at acpi0: C3(350@80 mwait.1@0x20), C2(500@59 mwait.1@0x10), C1(1000@1 
mwait.1), PSS
acpicpu3 at acpi0: C3(350@80 mwait.1@0x20), C2(500@59 mwait.1@0x10), C1(1000@1 
mwait.1), PSS
acpipwrres0 at acpi0: FN00, resource for FAN0
acpipwrres1 at acpi0: FN01, resource for FAN1
acpipwrres2 at acpi0: FN02, resource for FAN2
acpipwrres3 at acpi0: FN03, resource for FAN3
acpipwrres4 at acpi0: FN04, resource for FAN4
acpitz0 at acpi0: critical temperature is 106 degC
acpitz1 at acpi0: critical temperature is 106 degC

no sound on azalia

[Kirill K]

Hello.

My problem: no sound on azalia,
My dmesg: https://pastebin.com/rK1uUUrZ
My mixerctl -v: https://pastebin.com/DDifPsW7
My little debug after read faq: https://pastebin.com/Su54uEPq
Help, please.

no sound on azalia

[Kirill Kaplin]

Hello.

My problem: no sound on azalia,
My dmesg: https://pastebin.com/rK1uUUrZ
My mixerctl -v: https://pastebin.com/DDifPsW7
My little debug after read faq: https://pastebin.com/Su54uEPq
Help, please.

-- 
http://nightbbs.ru

use 307 for redirect in the example httpd.conf

[Kirill Miazine]

Hi, list

Currently, /etc/examples/httpd.conf uses HTTP 302 to do a redirect.

According to
https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/302, "even if
the specification requires the method (and the body) not to be altered
when the redirection is performed, not all user-agents conform here
- you can still find this type of bugged software out there. It is
therefore recommended to set the 302 code only as a response for GET or
HEAD methods and to use 307 Temporary Redirect instead, as the method
change is explicitly prohibited in that case."

The only difference between 307 and 302 is that 307 guarantees that the
method and the body will not be changed when the redirected request is
made. With 302, some old clients were incorrectly changing the method to
GET: the behavior with non-GET methods and 302 is then unpredictable on
the Web, whereas the behavior with 307 is predictable. For GET requests,
their behavior is identical.

Wouldn't it be better to use 307 in the example httpd.conf?

-- 
    -- Kirill Miazine 

Re: Set environment variable for non-interactive shell

[Kirill Peskov]

Unfortunately manpage for login.conf does not give any example, only
brief description:

setenv envlist  A list of environment
variables and associated
values to be set for the
class.

so if I would like to set for example global variable MY_ENV=DEV for all users 
and any login method, then what should I put here instead of XX?

default:\
:path=/usr/bin /bin /usr/sbin /sbin /usr/X11R6/bin /usr/local/bin 
/usr/local/sbin:\
:umask=022:\
:setenv=XX:\
:...blabla...:\



On 06.11.20 16:28, Todd C. Miller wrote:
> Typically, this kind of thing is done in /etc/login.conf.
>
>  - todd


smime.p7s
Description: S/MIME Cryptographic Signature

Re: Set environment variable for non-interactive shell

[Kirill Peskov]

Unfortunately neither /etc/profile nor ~/.profile won't be parsed if
shell is non-interactive. Simplest example will be:

if the content of /etc/profile is:

MY_ENV=DEV
export MY_ENV

Then if I login to the host like this:

ssh username@myopenbsdhost.local

myopenbsdhost$ env

_=/usr/bin/env
LOGNAME=username
PWD=/home/username
HOME=/home/username
SSH_TTY=/dev/ttyp0
MY_ENV=DEV
TERM=xterm-256color
SHELL=/bin/ksh
...blabla...


So OK in this case. But if I run:


ssh username@myopenbsdhost.local env

_=/usr/bin/env
LOGNAME=username
PWD=/home/username
HOME=/home/username
SSH_TTY=/dev/ttyp0
SHELL=/bin/ksh
...blabla...


Got the idea? Other BSDs and Linux behaves exactly the same way,
/etc/profile and ~/.profile are parsed for interactive shells only.


On 06.11.20 15:56, Dante Catalfamo wrote:
> Hey Kirill,
>
> The default shell in OpenBSD is usually ksh unless otherwise
> specified. You should check out the ksh(1) man page.
>
> You should be able to achieve what you want by setting the variable in
> /etc/profile. Hope that helps.
>
> Dante
>
> On 2020-11-06 6:23 a.m., Kirill Peskov wrote:
>> Hi All,
>>
>> I'm currently trying to figure out, how to set global environment
>> variable, valid for multiple users including root, so Ansible will be
>> able to accept it as "fact" for both root and non-root users. I've
>> already tried to play with .cshrc files and /etc/rc.local, nothing
>> worked so far, looks like I'm missing something important.
>>
>> Thanx in advance,
>>
>> Kirill
>>
>>



smime.p7s
Description: S/MIME Cryptographic Signature

Set environment variable for non-interactive shell

[Kirill Peskov]

Hi All,

I'm currently trying to figure out, how to set global environment
variable, valid for multiple users including root, so Ansible will be
able to accept it as "fact" for both root and non-root users. I've
already tried to play with .cshrc files and /etc/rc.local, nothing
worked so far, looks like I'm missing something important.

Thanx in advance,

Kirill




smime.p7s
Description: S/MIME Cryptographic Signature

Re: OpenBSD on AWS EC2 Nitro

[Kirill Peskov]

OK, looks like ENA (Elastic Network Adapter) is the main show stopper here,

There is a glimpse of optimism here, FreeBSD port of ENA driver is
already out there:

https://github.com/amzn/amzn-drivers/tree/master/kernel/fbsd/ena

I'm trying to catch the AMD-specific crash logs from t3a-type instances
to post them here.

On 06.10.20 07:50, Kirill Peskov wrote:
> Hi All!
>
> Not so long time ago I've got the challenge to fire up OpenBSD instance
> in AWS. It was almost out-of-the-box successful with just a few manual
> post-configs... However, with recently introduced "Nitro" hypervisor
> (heavily streamlined KVM) old methods of hacking OpenBSD into the Amazon
> Cloud seem not to be working, due to not yet fully known list of
> reasons, but some of the key differences between "t2" and "t3"
> generations are obvious, t3 has new components:
>
> Root disk: NVMe root disk
> NIC: Elastic Network Adapter (Amazon ENA)
>
> In addition, AWS has a bit cheaper line of instances, AMD-based "t3a".
>
> So far, from the instance startup logs I can see that NVMe device is
> detected by OpenBSD kernel, but looks like OS is unable to find root
> partition on the drive. AMD instance crashes with kernel fault on very
> early stage.
>
> Has anyone tried the same? Any success?
>
>
> Cheers,
>
> Kirill



smime.p7s
Description: S/MIME Cryptographic Signature

OpenBSD on AWS EC2 Nitro

[Kirill Peskov]

Hi All!

Not so long time ago I've got the challenge to fire up OpenBSD instance
in AWS. It was almost out-of-the-box successful with just a few manual
post-configs... However, with recently introduced "Nitro" hypervisor
(heavily streamlined KVM) old methods of hacking OpenBSD into the Amazon
Cloud seem not to be working, due to not yet fully known list of
reasons, but some of the key differences between "t2" and "t3"
generations are obvious, t3 has new components:

Root disk: NVMe root disk
NIC: Elastic Network Adapter (Amazon ENA)

In addition, AWS has a bit cheaper line of instances, AMD-based "t3a".

So far, from the instance startup logs I can see that NVMe device is
detected by OpenBSD kernel, but looks like OS is unable to find root
partition on the drive. AMD instance crashes with kernel fault on very
early stage.

Has anyone tried the same? Any success?


Cheers,

Kirill

slow speed on usb3 ffs2

[Kirill]

My problem is slow speed on ffs2 partition on usb3. Here is my dmesg:

https://pastebin.com/MWJVcTNs

I don't know what additional info required, so ask.

slow speed on ffs2 usb3

[Kirill]

My problem is slow speed on ffs2 partition on usb3. Here is my dmesg:

https://pastebin.com/MWJVcTNs

I don't know what additional info required, so ask.

Re: Any console SIP client from ports or packages?

[Kirill Bychkov]

On Thu, April 2, 2020 16:20, Martin wrote:
> I'm looking for lightweight console SIP client to perform calls right from
> OpenBSD console with asterisk.
>
> Please suggest.
>
> Martin
>

Hi,
Take a look at baresip.

6.6-beta - startup suspends until display is connected

[Kirill Miazine]

Hi, list

On my box running snapshots I'm obsering following: startup suspends
until display is connected. I've connected displays via HDMI and DP.

I couldn't identify for sure where this happens, but looks like the
hang comes after disks are mounted. Once display is connected, kbd is
set and dhclient is run. Again, it's difficult to tell exactly, as it
takes a moment or two for the picture to appear.

On 6.5 (and before) it could run headless without issues. In fact,
I have a similar box with 6.5 acting as file server in my parents' home.

Any ideas where I could look further to debug?

dmesg below:

OpenBSD 6.6-beta (GENERIC.MP) #315: Wed Sep 18 19:01:31 MDT 2019
dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP
real mem = 8223297536 (7842MB)
avail mem = 7961391104 (7592MB)
mpath0 at root
scsibus0 at mpath0: 256 targets
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 2.8 @ 0xed9d0 (17 entries)
bios0: vendor American Megatrends Inc. version "P1.70" date 02/27/2018
bios0: ASRock N3150-NUC
acpi0 at bios0: ACPI 5.0
acpi0: sleep states S0 S4 S5
acpi0: tables DSDT FACP APIC FPDT FIDT AAFT MCFG SSDT SSDT SSDT UEFI SSDT TPM2 
LPIT CSRT
acpi0: wakeup devices XHC1(S4) HDEF(S4) RP01(S4) PXSX(S4) RP02(S4) PXSX(S4) 
RP03(S4) PXSX(S4) RP04(S4) PXSX(S4) PWRB(S4)
acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: Intel(R) Celeron(R) CPU N3150 @ 1.60GHz, 1600.37 MHz, 06-4c-03
cpu0: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,SSE4.1,SSE4.2,MOVBE,POPCNT,DEADLINE,AES,RDRAND,NXE,RDTSCP,LONG,LAHF,3DNOWP,PERF,ITSC,TSC_ADJUST,SMEP,ERMS,MD_CLEAR,IBRS,IBPB,STIBP,SENSOR,ARAT,MELTDOWN
cpu0: 1MB 64b/line 16-way L2 cache
tsc_timecounter_init: TSC skew=0 observed drift=0
cpu0: smt 0, core 0, package 0
mtrr: Pentium Pro MTRR support, 8 var ranges, 88 fixed ranges
cpu0: apic clock running at 79MHz
cpu0: mwait min=64, max=64, C-substates=0.2.0.0.0.0.3.3, IBE
cpu1 at mainbus0: apid 2 (application processor)
TSC skew=0
cpu1: Intel(R) Celeron(R) CPU N3150 @ 1.60GHz, 1600.00 MHz, 06-4c-03
cpu1: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,SSE4.1,SSE4.2,MOVBE,POPCNT,DEADLINE,AES,RDRAND,NXE,RDTSCP,LONG,LAHF,3DNOWP,PERF,ITSC,TSC_ADJUST,SMEP,ERMS,MD_CLEAR,IBRS,IBPB,STIBP,SENSOR,ARAT,MELTDOWN
cpu1: 1MB 64b/line 16-way L2 cache
tsc_timecounter_init: TSC skew=0 observed drift=0
cpu1: smt 0, core 1, package 0
cpu2 at mainbus0: apid 4 (application processor)
TSC skew=-100
cpu2: Intel(R) Celeron(R) CPU N3150 @ 1.60GHz, 1600.00 MHz, 06-4c-03
cpu2: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,SSE4.1,SSE4.2,MOVBE,POPCNT,DEADLINE,AES,RDRAND,NXE,RDTSCP,LONG,LAHF,3DNOWP,PERF,ITSC,TSC_ADJUST,SMEP,ERMS,MD_CLEAR,IBRS,IBPB,STIBP,SENSOR,ARAT,MELTDOWN
cpu2: 1MB 64b/line 16-way L2 cache
tsc_timecounter_init: TSC skew=-100 observed drift=0
cpu2: smt 0, core 2, package 0
cpu3 at mainbus0: apid 6 (application processor)
TSC skew=70
cpu3: Intel(R) Celeron(R) CPU N3150 @ 1.60GHz, 1600.00 MHz, 06-4c-03
cpu3: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,SSE4.1,SSE4.2,MOVBE,POPCNT,DEADLINE,AES,RDRAND,NXE,RDTSCP,LONG,LAHF,3DNOWP,PERF,ITSC,TSC_ADJUST,SMEP,ERMS,MD_CLEAR,IBRS,IBPB,STIBP,SENSOR,ARAT,MELTDOWN
cpu3: 1MB 64b/line 16-way L2 cache
tsc_timecounter_init: TSC skew=70 observed drift=0
cpu3: smt 0, core 3, package 0
ioapic0 at mainbus0: apid 1 pa 0xfec0, version 20, 115 pins
acpimcfg0 at acpi0
acpimcfg0: addr 0xe000, bus 0-255
acpiprt0 at acpi0: bus 0 (PCI0)
acpiprt1 at acpi0: bus 1 (RP01)
acpiprt2 at acpi0: bus 2 (RP02)
acpiprt3 at acpi0: bus -1 (RP03)
acpiprt4 at acpi0: bus -1 (RP04)
acpiec0 at acpi0: not present
acpicpu0 at acpi0: C3(10@1000 mwait.1@0x64), C2(10@500 mwait.1@0x58), C1(1000@1 
mwait.1), PSS
acpicpu1 at acpi0: C3(10@1000 mwait.1@0x64), C2(10@500 mwait.1@0x58), C1(1000@1 
mwait.1), PSS
acpicpu2 at acpi0: C3(10@1000 mwait.1@0x64), C2(10@500 mwait.1@0x58), C1(1000@1 
mwait.1), PSS
acpicpu3 at acpi0: C3(10@1000 mwait.1@0x64), C2(10@500 mwait.1@0x58), C1(1000@1 
mwait.1), PSS
acpipwrres0 at acpi0: CLK0, resource for CAMD
acpipwrres1 at acpi0: CLK0, resource for CAM1
acpipwrres2 at acpi0: CLK1, resource for CAM2, CAM3
acpipwrres3 at acpi0: USBC, resource for XHC1
acpicmos0 at acpi0
acpipci0 at acpi0 PCI0: 0x 0x0011 0x0001
"NTN0530" at acpi0 not configured
"BCM2E64" at acpi0 not configured
"BCM4752" at acpi0 not configured
"SMO91D0" at acpi0 not configured
"INT33F7" at acpi0 

Re: Performance issues as KVM guest?

[Kirill Miazine]

* Kent Watsen [2018-01-11 17:38]:
[...]
> > > Since my hosting provider https://www.bytemark.co.uk/cloud-hosting/
> > > patched for Meltdown last weekend I'm seeing significant performance
> > > issues with an OpenBSD virtual instance there. It seems okay after a
> > > fresh reboot but then progressively returns to being very slow: for
> > > example "sleep 1" may take four seconds, then five, six, seven, then
> > > rather more. Curiously it does tend to be an integral multiplier.
> > > 
> > > I wondered, is anybody else seeing significant performance problems with
> > > OpenBSD (or other BSDs) virtual instances since Meltdown patching? Is
> > > there anything to tweak at my end or am I reliant on the provider?
> > > 
> > > -- Mark
> > > 
> > There are a ton of threads talking about this issue, and it's not meltdown
> > specific. Please search the archives.
> > 
> > -ml
> > 
[...]
> Also, Mark, could you say some more about the issue.  For instance, how long
> after a reboot does it take until you start to notice the issue, and how
> quickly does it get worse?

I'm another customer of Bytemark experiencing the same issue. I'm taking
care of one VM there and I'm primarly noticing it in two situations:
sleep() takes a long time (e.g. sleep(1) might take up to 40 seconds)
and the clock slows down.

Right now, 9 hours after reboot, the clock on VM is 3 hours behind real
clock. And sleep(1) takes 13 secs:

km@buildfarm ~ $ time sleep 1
0m13.85s real 0m00.00s user 0m00.01s system

This all started after the host was patched and VM rebooted.

Bytemark guys are looking at the issue and doing their own debugging.
Here're findings so far:

I spun a few OpenBSD VMs up and left them overnight - looks like the
clock isn't drifting but there's still the 'time sleep 1' issue.
My testing results seemed to concur with User_4574's, virtio was slowing
down only a few minutes after a fresh install whereas compatibility
would stick at 1s, jump to 2s, etc. 
   
> 
> Thanks,
> Kent
> 

-- 
-- Kirill Miazine <k...@krot.org>

Re: 4G modems for OpenBSD?

[Kirill]

Try huawei e3276 with patch.
(http://openbsd-archive.7691.n7.nabble.com/Trouble-with-Huawei-e3276-td241825.html)
Works for me, but I dont use smstools, just ppp.

On 01/09/18 03:35, Israel Brewster wrote:
> Could anyone suggest a USB 4G cell modem model that will work well with 
> OpenBSD, specifically SMSTools? I've looked over most of the list in "man 
> umsm", but those all appear to be 3G. That said, I haven't checked every 
> model on the list, so there could be one or more 4G models that I missed. 
> I've also seen this thread: 
> http://openbsd-archive.7691.n7.nabble.com/4g-LTE-modem-td106310.html 
> , but 
> that is over 5 years old. There is also this thread: 
> http://openbsd-archive.7691.n7.nabble.com/Anyone-experienced-with-4G-LTE-modems-td281872.html
>  
> ,
>  but that doesn't appear to offer any suggestions of USB cell modems - just 
> suggestions of using external cellular routers. 
> 
> I do need a direct USB connection for the purposes of sending SMS messages 
> directly from the system, i.e. I need to be able to send a SMS even if the 
> internet is down, so online cloud services or the like that can convert 
> e-mail to SMS aren't an option. Thanks.
> 
> ---
> Israel Brewster
> Systems Analyst II
> Ravn Alaska
> 5245 Airport Industrial Rd
> Fairbanks, AK 99709
> (907) 450-7293
> ---
> 
> 
> 
> 
> 

Re: Xen based VPS / OpenBSD 6.2 / OpenVPN 2.4.4 => Slow download speed after upgrade

[Kirill Miazine]

enSource Platform Device" rev 0x01 at pci0 dev 2 function 0 not
> configured
> vga1 at pci0 dev 3 function 0 "Cirrus Logic CL-GD5446" rev 0x00
> wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
> wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
> re0 at pci0 dev 4 function 0 "Realtek 8139" rev 0x20: RTL8139C+
> (0x7480), apic 1 int 32, address 00:50:56:34:10:49
> rlphy0 at re0 phy 0: RTL internal PHY
> isa0 at pcib0
> isadma0 at isa0
> fdc0 at isa0 port 0x3f0/6 irq 6 drq 2
> fd0 at fdc0 drive 1: density unknown
> com0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo
> pckbc0 at isa0 port 0x60/5 irq 1 irq 12
> pckbd0 at pckbc0 (kbd slot)
> wskbd0 at pckbd0: console keyboard, using wsdisplay0
> pms0 at pckbc0 (aux slot)
> wsmouse0 at pms0 mux 0
> pcppi0 at isa0 port 0x61
> spkr0 at pcppi0
> npx0 at isa0 port 0xf0/16: reported by CPUID; using exception 16
> usb0 at uhci0: USB revision 1.0
> uhub0 at usb0 configuration 1 interface 0 "Intel UHCI root hub" rev
> 1.00/1.00 addr 1
> nvram: invalid checksum
> uhidev0 at uhub0 port 1 configuration 1 interface 0 "QEMU QEMU USB
> Tablet" rev 2.00/0.00 addr 2
> uhidev0: iclass 3/0
> ums0 at uhidev0: 3 buttons, Z dir
> wsmouse1 at ums0 mux 0
> vscsi0 at root
> scsibus2 at vscsi0: 256 targets
> softraid0 at root
> scsibus3 at softraid0: 256 targets
> root on wd0a (244889b124e5edd0.a) swap on wd0b dump on wd0b
> clock: unknown CMOS layout
> 
> 
> * [4] https://www.openbsd.org/62.html - search for "Generic network
> stack improvements"
> 

-- 
-- Kirill Miazine <k...@krot.org>

Re: multiple relays in smtpd.conf

[Kirill Miazine]

* Eric Faurot [2017-08-02 13:24]:
> On Wed, Aug 02, 2017 at 11:44:47AM +0200, Christian Gut wrote:
>> Hi List,
>>
>> is it possible to have multiple relays (you might want to say smart hosts) 
>> in smtpd?
>>
>> I currently use the following line:
>>
>> accept from local for any relay via smarthost.example.org 
>> 
>>
>> Now I would like to have multiple smart hosts in there for backup reasons, 
>> if one of the smart hosts is in maintainance. Is something like this 
>> possible?
>>
>> accept from local for any relay via { smarthost1.example.org 
>> , smarthost2.example.org 
>>  }
>>
>> Kind Regards,
>> Christian
>>
> It's not possible at the moment.  There is ongoing work to support this 
> feature,
> along with other improvements. But it's quite a big change, and we can't give 
> an
> ETA right now.

what about defining a new name in DNS containing addresses of all
smarthosts as a workaround for the OP for now?

> Eric.
>

Re: Recommendation on OpenBSD host

[Kirill Miazine]

* i3j...@airmail.cc [2017-07-26 01:01]:
> Hey list. I need a server to host a very simple website.
> I've been looking for a OpenBSD host that offers 'full' control
> over the machine though SSH. Anyone has recommendations?
> My needs: simple low traffic httpd(8) website (no javascript),
> even a Core2Duo, 2GB of RAM and a HDD with space to install
> base system (without Xenocara, of course) would be enough.
> I can't do it on some random laptop because I need it to be
> anonymous (it will have sensitive journalistic information[*]).
> Ideally that accept cryptocoins (dashcoin or plain bitcoin) and
> from a country like Romania or Iceland, because of their historic
> free-speech protection (again, *ideally*).
> I see the people from Libreboot have a project to build a host,
> but I don't think they support OpenBSD yet and I think they never
> will... because of Stallmanism BS ("closed firmware == blob").

Host1.no will let you run OpenBSD in a VM. They accept bitcoins and have
several "sensitive" clients (one is very well-known). Host1 also have
a "cloud" platform called cloud1.no, it runs on rather old Xen, but
thanks to great efforts of Mike B, OpenBSD works fine there as well.
Installation is not straightforward, though, but it is doable... Host1
will also let you rent a dedicated box, if you need it.

Or you could get a cheap 55 EUR dedicated box at Blix
(https://www.blix.com/servers), who is also great, but Blix won't accept
BTC AFAIC.

Host1 and Blix are based in Norway.

Re: httpd and URL rewriting

[Kirill Miazine]

* Scott Vanderbilt [2017-07-06 09:25]:
> I am investigating the feasibility of migrating aRESTful webapp currently
> hosted on nginx and6.1-currentto use httpd. Naturally, such an application
> requires a URL-rewriting facility.

Does it really *require* URL rewriting?

> Perusing the httpd.conf(5) and httpd(8) man pages, this list's archive, and
> Google, I see nothing that indicates this is possible. Of course, I know you
> can redirect from within httpd, but that's obviously not thesort of behavior
> an app like this requires.
> 
> I am encouraged by reyk@'s post to tech on 20 June 2015 wherein he says
> "Here is a diff that adds pattern matching to httpd, allowing rewrites with
> redirects." But that last bit is kind of ambiguous about whether rewrites
> independent of redirects can be achieved.
> 
> Might anyone knowwhether this can be accomplished and how?

Below is working config for https://uptime.is/. You can put uptime
percentage after the slash, it it will work without redirect. In
addition, I made some redirects from common names to percents.
Config:

[...]
location "/" {
fastcgi
root "/htdocs/uptime/simple.cgi"
}
location match "^/%d+[,%.]?%d*$" {
fastcgi
root "/htdocs/uptime/simple.cgi"
}
location "/three-nines" {
block return 302 "/99.9"
    }
[...]

The CGI script inspects the environment variable PATH_INFO.

> Many thanks.

-- 
-- Kirill Miazine <k...@krot.org>

Re: problem with external disk on 6.1

[Kirill]

small add on:
this happens only when plug device on a working machine (if device
recognized while system boot, it acts normal)
And if unplug it later half (physically) and plug again it works ok.


On 05/04/17 16:10, Kirill wrote:
> Hello!
> There is a problem with my WD external disk on 6.1. on 6.0 there are no
> problems.
> 
> dmesg:
> nightlord@work:[~]% dmesg
> OpenBSD 6.1 (GENERIC.MP) #5: Thu Apr 13 11:26:43 MSK 2017
> r...@work.nightbbs.ru:/usr/obj/sys/arch/amd64/compile/GENERIC.MP
> real mem = 2056990720 (1961MB)
> avail mem = 1990025216 (1897MB)
> mpath0 at root
> scsibus0 at mpath0: 256 targets
> mainbus0 at root
> bios0 at mainbus0: SMBIOS rev. 2.5 @ 0xe9f80 (85 entries)
> bios0: vendor Hewlett-Packard version "786G1 v01.08" date 08/25/2008
> bios0: Hewlett-Packard HP Compaq dc7900 Small Form Factor
> acpi0 at bios0: rev 0
> acpi0: sleep states S0 S3 S4 S5
> acpi0: tables DSDT FACP APIC ASF! MCFG TCPA SLIC HPET DMAR
> acpi0: wakeup devices COM1(S4) PCI0(S4) PEG1(S4) PEG2(S4) IGBE(S4)
> PCX1(S4) PCX2(S4) PCX5(S4) PCX6(S4) HUB_(S4) USB1(S3) USB2(S3) USB3(S3)
> USB4(S3) USB5(S3) USB6(S3) [...]
> acpitimer0 at acpi0: 3579545 Hz, 24 bits
> acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
> cpu0 at mainbus0: apid 0 (boot processor)
> cpu0: Intel(R) Core(TM)2 Duo CPU E8500 @ 3.16GHz, 3159.08 MHz
> cpu0:
> FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,SSE4.1,XSAVE,NXE,LONG,LAHF,PERF,SENSOR
> cpu0: 6MB 64b/line 16-way L2 cache
> cpu0: smt 0, core 0, package 0
> mtrr: Pentium Pro MTRR support, 8 var ranges, 88 fixed ranges
> cpu0: apic clock running at 332MHz
> cpu0: mwait min=64, max=64, C-substates=0.2.2.2.2, IBE
> cpu1 at mainbus0: apid 1 (application processor)
> cpu1: Intel(R) Core(TM)2 Duo CPU E8500 @ 3.16GHz, 3158.73 MHz
> cpu1:
> FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,SSE4.1,XSAVE,NXE,LONG,LAHF,PERF,SENSOR
> cpu1: 6MB 64b/line 16-way L2 cache
> cpu1: smt 0, core 1, package 0
> ioapic0 at mainbus0: apid 1 pa 0xfec0, version 20, 24 pins
> acpimcfg0 at acpi0 addr 0xf400, bus 0-63
> acpihpet0 at acpi0: 14318179 Hz
> acpiprt0 at acpi0: bus 0 (PCI0)
> acpiprt1 at acpi0: bus -1 (PEG1)
> acpiprt2 at acpi0: bus -1 (PEG2)
> acpiprt3 at acpi0: bus 32 (PCX1)
> acpiprt4 at acpi0: bus -1 (PCX2)
> acpiprt5 at acpi0: bus 48 (PCX5)
> acpiprt6 at acpi0: bus -1 (PCX6)
> acpiprt7 at acpi0: bus 7 (HUB_)
> acpicpu0 at acpi0: !C2(500@17 mwait.3@0x10), C1(1000@1 mwait.1)
> acpicpu1 at acpi0: !C2(500@17 mwait.3@0x10), C1(1000@1 mwait.1)
> "PNP0F13" at acpi0 not configured
> "PNP0303" at acpi0 not configured
> "PNP0501" at acpi0 not configured
> "PNP0700" at acpi0 not configured
> "PNP0003" at acpi0 not configured
> acpibtn0 at acpi0: PBTN
> "PNP0C14" at acpi0 not configured
> cpu0: unknown Enhanced SpeedStep CPU, msr 0x0616492206004922
> cpu0: using only highest and lowest power states
> cpu0: Enhanced SpeedStep 3159 MHz: speeds: 24333, 2000 MHz
> pci0 at mainbus0 bus 0
> pchb0 at pci0 dev 0 function 0 "Intel Q45 Host" rev 0x03
> inteldrm0 at pci0 dev 2 function 0 "Intel Q45 Video" rev 0x03
> drm0 at inteldrm0
> intagp0 at inteldrm0
> agp0 at intagp0: aperture at 0xe000, size 0x1000
> inteldrm0: msi
> inteldrm0: 1280x1024, 32bpp
> wsdisplay0 at inteldrm0 mux 1: console (std, vt100 emulation)
> wsdisplay0: screen 1-5 added (std, vt100 emulation)
> "Intel Q45 Video" rev 0x03 at pci0 dev 2 function 1 not configured
> "Intel Q45 HECI" rev 0x03 at pci0 dev 3 function 0 not configured
> pciide0 at pci0 dev 3 function 2 "Intel Q45 PT IDER" rev 0x03: DMA
> (unsupported), channel 0 wired to native-PCI, channel 1 wired to native-PCI
> pciide0: using apic 1 int 18 for native-PCI interrupt
> pciide0: channel 0 ignored (not responding; disabled or no drives?)
> pciide0: channel 1 ignored (not responding; disabled or no drives?)
> puc0 at pci0 dev 3 function 3 "Intel Q45 KT" rev 0x03: ports: 1 com
> com4 at puc0 port 0 apic 1 int 17: ns16550a, 16 byte fifo
> com4: probed fifo depth: 15 bytes
> em0 at pci0 dev 25 function 0 "Intel ICH10 D BM LM" rev 0x02: msi,
> address 00:23:7d:4e:a2:5c
> uhci0 at pci0 dev 26 function 0 "Intel 82801JD USB" rev 0x02: apic 1 int 20
> uhci1 at pci0 dev 26 function 1 "Intel 82801JD USB" rev 0x02: apic 1 int 21
> uhci2 at pci0 dev 26 function 2 "Intel 82801JD USB" rev 0x02: apic 1 int 22
>

problem with external disk on 6.1

[Kirill]

Hello!
There is a problem with my WD external disk on 6.1. on 6.0 there are no
problems.

dmesg:
nightlord@work:[~]% dmesg
OpenBSD 6.1 (GENERIC.MP) #5: Thu Apr 13 11:26:43 MSK 2017
r...@work.nightbbs.ru:/usr/obj/sys/arch/amd64/compile/GENERIC.MP
real mem = 2056990720 (1961MB)
avail mem = 1990025216 (1897MB)
mpath0 at root
scsibus0 at mpath0: 256 targets
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 2.5 @ 0xe9f80 (85 entries)
bios0: vendor Hewlett-Packard version "786G1 v01.08" date 08/25/2008
bios0: Hewlett-Packard HP Compaq dc7900 Small Form Factor
acpi0 at bios0: rev 0
acpi0: sleep states S0 S3 S4 S5
acpi0: tables DSDT FACP APIC ASF! MCFG TCPA SLIC HPET DMAR
acpi0: wakeup devices COM1(S4) PCI0(S4) PEG1(S4) PEG2(S4) IGBE(S4)
PCX1(S4) PCX2(S4) PCX5(S4) PCX6(S4) HUB_(S4) USB1(S3) USB2(S3) USB3(S3)
USB4(S3) USB5(S3) USB6(S3) [...]
acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: Intel(R) Core(TM)2 Duo CPU E8500 @ 3.16GHz, 3159.08 MHz
cpu0:
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,SSE4.1,XSAVE,NXE,LONG,LAHF,PERF,SENSOR
cpu0: 6MB 64b/line 16-way L2 cache
cpu0: smt 0, core 0, package 0
mtrr: Pentium Pro MTRR support, 8 var ranges, 88 fixed ranges
cpu0: apic clock running at 332MHz
cpu0: mwait min=64, max=64, C-substates=0.2.2.2.2, IBE
cpu1 at mainbus0: apid 1 (application processor)
cpu1: Intel(R) Core(TM)2 Duo CPU E8500 @ 3.16GHz, 3158.73 MHz
cpu1:
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,SSE4.1,XSAVE,NXE,LONG,LAHF,PERF,SENSOR
cpu1: 6MB 64b/line 16-way L2 cache
cpu1: smt 0, core 1, package 0
ioapic0 at mainbus0: apid 1 pa 0xfec0, version 20, 24 pins
acpimcfg0 at acpi0 addr 0xf400, bus 0-63
acpihpet0 at acpi0: 14318179 Hz
acpiprt0 at acpi0: bus 0 (PCI0)
acpiprt1 at acpi0: bus -1 (PEG1)
acpiprt2 at acpi0: bus -1 (PEG2)
acpiprt3 at acpi0: bus 32 (PCX1)
acpiprt4 at acpi0: bus -1 (PCX2)
acpiprt5 at acpi0: bus 48 (PCX5)
acpiprt6 at acpi0: bus -1 (PCX6)
acpiprt7 at acpi0: bus 7 (HUB_)
acpicpu0 at acpi0: !C2(500@17 mwait.3@0x10), C1(1000@1 mwait.1)
acpicpu1 at acpi0: !C2(500@17 mwait.3@0x10), C1(1000@1 mwait.1)
"PNP0F13" at acpi0 not configured
"PNP0303" at acpi0 not configured
"PNP0501" at acpi0 not configured
"PNP0700" at acpi0 not configured
"PNP0003" at acpi0 not configured
acpibtn0 at acpi0: PBTN
"PNP0C14" at acpi0 not configured
cpu0: unknown Enhanced SpeedStep CPU, msr 0x0616492206004922
cpu0: using only highest and lowest power states
cpu0: Enhanced SpeedStep 3159 MHz: speeds: 24333, 2000 MHz
pci0 at mainbus0 bus 0
pchb0 at pci0 dev 0 function 0 "Intel Q45 Host" rev 0x03
inteldrm0 at pci0 dev 2 function 0 "Intel Q45 Video" rev 0x03
drm0 at inteldrm0
intagp0 at inteldrm0
agp0 at intagp0: aperture at 0xe000, size 0x1000
inteldrm0: msi
inteldrm0: 1280x1024, 32bpp
wsdisplay0 at inteldrm0 mux 1: console (std, vt100 emulation)
wsdisplay0: screen 1-5 added (std, vt100 emulation)
"Intel Q45 Video" rev 0x03 at pci0 dev 2 function 1 not configured
"Intel Q45 HECI" rev 0x03 at pci0 dev 3 function 0 not configured
pciide0 at pci0 dev 3 function 2 "Intel Q45 PT IDER" rev 0x03: DMA
(unsupported), channel 0 wired to native-PCI, channel 1 wired to native-PCI
pciide0: using apic 1 int 18 for native-PCI interrupt
pciide0: channel 0 ignored (not responding; disabled or no drives?)
pciide0: channel 1 ignored (not responding; disabled or no drives?)
puc0 at pci0 dev 3 function 3 "Intel Q45 KT" rev 0x03: ports: 1 com
com4 at puc0 port 0 apic 1 int 17: ns16550a, 16 byte fifo
com4: probed fifo depth: 15 bytes
em0 at pci0 dev 25 function 0 "Intel ICH10 D BM LM" rev 0x02: msi,
address 00:23:7d:4e:a2:5c
uhci0 at pci0 dev 26 function 0 "Intel 82801JD USB" rev 0x02: apic 1 int 20
uhci1 at pci0 dev 26 function 1 "Intel 82801JD USB" rev 0x02: apic 1 int 21
uhci2 at pci0 dev 26 function 2 "Intel 82801JD USB" rev 0x02: apic 1 int 22
ehci0 at pci0 dev 26 function 7 "Intel 82801JD USB" rev 0x02: apic 1 int 22
usb0 at ehci0: USB revision 2.0
uhub0 at usb0 configuration 1 interface 0 "Intel EHCI root hub" rev
2.00/1.00 addr 1
azalia0 at pci0 dev 27 function 0 "Intel 82801JD HD Audio" rev 0x02: msi
azalia0: codecs: Analog Devices AD1884A
audio0 at azalia0
ppb0 at pci0 dev 28 function 0 "Intel 82801JD PCIE" rev 0x02: msi
pci1 at ppb0 bus 32
ppb1 at pci0 dev 28 function 4 "Intel 82801JD PCIE" rev 0x02: msi
pci2 at ppb1 bus 48
uhci3 at pci0 dev 29 function 0 "Intel 82801JD USB" rev 0x02: apic 1 int 20
uhci4 at pci0 dev 29 function 1 "Intel 82801JD USB" rev 0x02: apic 1 int 21
uhci5 at pci0 dev 29 function 2 "Intel 82801JD USB" rev 0x02: apic 1 int 22
ehci1 at pci0 dev 29 function 7 "Intel 82801JD USB" rev 0x02: apic 1 int 20
usb1 at ehci1: USB revision 2.0
uhub1 at 

Re: tlsv1 alert decrypt error

[Kirill Miazine]

* Kirill Miazine [2017-03-02 16:46]:

* Kirill Miazine [2017-03-02 13:28]:

Hi, list

Recently I've noticed a number of error messages in my Exim mail log:

 TLS error on connection from mx1.slc.paypal.com (mx0.slc.paypal.com) 
[173.0.84.226] \
 (SSL_accept): error:1403741B:SSL routines:ACCEPT_SR_KEY_EXCH:tlsv1 alert 
decrypt error
 TLS client disconnected cleanly (rejected our certificate?)


[...]

The system is a couple of days old snapshot. The system used to run 6.0
until recently, I was tempted to upgrade now that DNSSEC support in the
resolver has appeared.


the Norwegian Unix User Group's server skapet has a snapshot dated 4th
February 2017 and has also seen traces of the issue:

16:38 < pitrh> 2017-03-02 02:09:50 TLS error on connection from 
mx0.phx.paypal.com
  [66.211.168.230] (SSL_accept): error:14FFF41B:SSL 
routines:SSL_internal:tlsv1
  alert decrypt error
[...]
16:38 < pitrh> 2017-02-24 14:00:44 TLS error on connection from 
(mailbanderolepub.com)
  [81.56.249.123] (SSL_accept): error:14FFF41B:SSL 
routines:SSL_internal:tlsv1
  alert decrypt error


This is related to LibreSSL: I've rebuilt Exim with OpenSSL from the
openssl-1.0.2k package and forced an email from PayPal (another 10 EUR
to the foundation). The email arrived just fine...

Received: from mx0.slc.paypal.com ([173.0.84.225])
   by mail.krot.org with esmtps (TLSv1:DHE-RSA-AES256-SHA:256)
   (Exim 4.89_RC7)
   (envelope-from <serv...@paypal.com>)
   id 1cjZnX-000Gru-TS
   for k...@krot.org; Fri, 03 Mar 2017 00:06:12 +0100

--
   -- Kirill Miazine <k...@krot.org>

Re: tlsv1 alert decrypt error

[Kirill Miazine]

* Kirill Miazine [2017-03-02 13:28]:

Hi, list

Recently I've noticed a number of error messages in my Exim mail log:

  TLS error on connection from mx1.slc.paypal.com (mx0.slc.paypal.com) 
[173.0.84.226] \
  (SSL_accept): error:1403741B:SSL routines:ACCEPT_SR_KEY_EXCH:tlsv1 alert 
decrypt error
  TLS client disconnected cleanly (rejected our certificate?)


[...]

The system is a couple of days old snapshot. The system used to run 6.0
until recently, I was tempted to upgrade now that DNSSEC support in the
resolver has appeared.


the Norwegian Unix User Group's server skapet has a snapshot dated 4th
February 2017 and has also seen traces of the issue:

16:38 < pitrh> 2017-03-02 02:09:50 TLS error on connection from 
mx0.phx.paypal.com
   [66.211.168.230] (SSL_accept): error:14FFF41B:SSL 
routines:SSL_internal:tlsv1
   alert decrypt error
[...]
16:38 < pitrh> 2017-02-24 14:00:44 TLS error on connection from 
(mailbanderolepub.com)
   [81.56.249.123] (SSL_accept): error:14FFF41B:SSL 
routines:SSL_internal:tlsv1
   alert decrypt error


dmesg follows:

[...]

tlsv1 alert decrypt error

[Kirill Miazine]

Hi, list

Recently I've noticed a number of error messages in my Exim mail log:

   TLS error on connection from mx1.slc.paypal.com (mx0.slc.paypal.com) 
[173.0.84.226] \
   (SSL_accept): error:1403741B:SSL routines:ACCEPT_SR_KEY_EXCH:tlsv1 alert 
decrypt error
   TLS client disconnected cleanly (rejected our certificate?)

(PayPal is trying to deliver a receipt for my monthly donation to the
OpenBSD Foundation, which is on the 1st day month.)

I managed to get a packet dump for the error (different host, not
paypal, but same error): https://beebox.krot.org/port25dump.tgz

The system is a couple of days old snapshot. The system used to run 6.0
until recently, I was tempted to upgrade now that DNSSEC support in the
resolver has appeared.

Any clues on what might be wrong here?

dmesg follows:

OpenBSD 6.0-current (GENERIC.MP) #201: Tue Feb 28 09:58:00 MST 2017
   dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP
real mem = 1056808960 (1007MB)
avail mem = 1020166144 (972MB)
mpath0 at root
scsibus0 at mpath0: 256 targets
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 2.8 @ 0xf6a10 (9 entries)
bios0: vendor SeaBIOS version "rel-1.9.1-0-gb3ef39f-prebuilt.qemu-project.org" 
date 04/01/2014
bios0: QEMU Standard PC (i440FX + PIIX, 1996)
acpi0 at bios0: rev 0
acpi0: sleep states S3 S4 S5
acpi0: tables DSDT FACP APIC HPET
acpi0: wakeup devices
acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: Westmere E56xx/L56xx/X56xx (Nehalem-C), 2200.32 MHz
cpu0: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,SSE3,PCLMUL,SSSE3,CX16,SSE4.1,SSE4.2,x2APIC,POPCNT,AES,HV,NXE,LONG,LAHF,ARAT
cpu0: 64KB 64b/line 2-way I-cache, 64KB 64b/line 2-way D-cache, 512KB 64b/line 
16-way L2 cache
cpu0: ITLB 255 4KB entries direct-mapped, 255 4MB entries direct-mapped
cpu0: DTLB 255 4KB entries direct-mapped, 255 4MB entries direct-mapped
cpu0: smt 0, core 0, package 0
mtrr: Pentium Pro MTRR support, 8 var ranges, 88 fixed ranges
cpu0: apic clock running at 1000MHz
ioapic0 at mainbus0: apid 0 pa 0xfec0, version 11, 24 pins
acpihpet0 at acpi0: 1 Hz
acpiprt0 at acpi0: bus 0 (PCI0)
acpicpu0 at acpi0: C1(@1 halt!)
"ACPI0006" at acpi0 not configured
"PNP0303" at acpi0 not configured
"PNP0F13" at acpi0 not configured
"PNP0700" at acpi0 not configured
"PNP0A06" at acpi0 not configured
"PNP0A06" at acpi0 not configured
"QEMU0002" at acpi0 not configured
"PNP0A06" at acpi0 not configured
pvbus0 at mainbus0: KVM
pci0 at mainbus0 bus 0
pchb0 at pci0 dev 0 function 0 "Intel 82441FX" rev 0x02
pcib0 at pci0 dev 1 function 0 "Intel 82371SB ISA" rev 0x00
pciide0 at pci0 dev 1 function 1 "Intel 82371SB IDE" rev 0x00: DMA, channel 0 
wired to compatibility, channel 1 wired to compatibility
pciide0: channel 0 disabled (no drives)
pciide0: channel 1 disabled (no drives)
uhci0 at pci0 dev 1 function 2 "Intel 82371SB USB" rev 0x01: apic 0 int 11
piixpm0 at pci0 dev 1 function 3 "Intel 82371AB Power" rev 0x03: apic 0 int 9
iic0 at piixpm0
vga1 at pci0 dev 2 function 0 "Bochs VGA" rev 0x02
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
virtio0 at pci0 dev 3 function 0 "Qumranet Virtio Network" rev 0x00
vio0 at virtio0: address 52:54:00:eb:1d:ce
virtio0: msix shared
eap0 at pci0 dev 4 function 0 "Ensoniq AudioPCI" rev 0x00: apic 0 int 11
audio0 at eap0
midi0 at eap0: 
virtio1 at pci0 dev 5 function 0 "Qumranet Virtio Storage" rev 0x00
vioblk0 at virtio1
scsibus1 at vioblk0: 2 targets
sd0 at scsibus1 targ 0 lun 0:  SCSI3 0/direct fixed
sd0: 51200MB, 512 bytes/sector, 104857600 sectors
virtio1: msix shared
virtio2 at pci0 dev 6 function 0 "Qumranet Virtio Storage" rev 0x00
vioblk1 at virtio2
scsibus2 at vioblk1: 2 targets
sd1 at scsibus2 targ 0 lun 0:  SCSI3 0/direct fixed
sd1: 2097152MB, 512 bytes/sector, 4294967296 sectors
virtio2: msix shared
virtio3 at pci0 dev 7 function 0 "Qumranet Virtio Memory" rev 0x00
viomb0 at virtio3
virtio3: apic 0 int 11
isa0 at pcib0
isadma0 at isa0
fdc0 at isa0 port 0x3f0/6 irq 6 drq 2
fd0 at fdc0 drive 1: density unknown
pckbc0 at isa0 port 0x60/5 irq 1 irq 12
pckbd0 at pckbc0 (kbd slot)
wskbd0 at pckbd0: console keyboard, using wsdisplay0
pms0 at pckbc0 (aux slot)
wsmouse0 at pms0 mux 0
pcppi0 at isa0 port 0x61
spkr0 at pcppi0
usb0 at uhci0: USB revision 1.0
uhub0 at usb0 configuration 1 interface 0 "Intel UHCI root hub" rev 1.00/1.00 
addr 1
vmm at mainbus0 not configured
uhidev0 at uhub0 port 1 configuration 1 interface 0 "QEMU QEMU USB Tablet" rev 
2.00/0.00 addr 2
uhidev0: iclass 3/0
ums0 at uhidev0: 3 buttons, Z dir
wsmouse1 at ums0 mux 0
vscsi0 at root
scsibus3 at vscsi0: 256 targets
softraid0 at root
scsibus4 at softraid0: 256 targets
root on sd0a (84faadf7d7f0d9a3.a) swap on sd0b dump on sd0b

RES_USE_EDNS0 and RES_USE_DNSSEC in libc resolver

[Kirill Miazine]

Hi, list

Having spent several hours trying to find out whether RES_USE_DNSSEC actually 
does
anything on OpenBSD, I have to ask for help...

I'm actually debugging DNSSEC in Exim, which sets both RES_USE_EDNS0 and
RES_USE_DNSSEC options, sends queries to a local resolver that does
validations (I can confirm this with dig), but when res_search() is run,
the responses come without AD/DO set... I thought that this is strange.
So I dived into src/lib/libc/asr code (I started elsewhere, but my
searches took me there) and it looks like neither RES_USE_EDNS0 nor
RES_USE_DNSSEC does anything.

Is that right conclusion?

--
   -- Kirill Miazine <k...@krot.org>

Your PHP install does not have the mhash() function.

[Kirill Peskov]

Hi All!

Using phpldapadmin under OpenBSD 5.9 recently I ran into a problem with
php-5.6 (fpm). phpldapadmin cannot work with password hashes and shows
the message:

Your PHP install does not have the mhash() function. In the older
versions there was separate extension for php-mhash, in the current one
this is not the case. mhash library from ports tree is already installed.

Any ideas (except building php binary from sources with --with-mhash
option)?


Thanx in advance,

Kirill

Re: Unable to open UPS device. [apcupsd]

[Kirill Bychkov]

On Thu, July 14, 2016 15:56, Radek wrote:
> Hi,
> I can not set up apcupsd to work with USB. Any help appreciated.
>
[...]
>
> #dmesg
[...]
> uhidev0 at uhub2 port 1 configuration 1 interface 0 "American Power Conversion
> Smart-UPS 2200 FW:UPS 09.3 / ID=18" rev 2.00/1.06 addr 2
> uhidev0: iclass 3/0, 146 report ids
> upd0 at uhidev0

Hi!
If you want your USB UPS to work with apcupsd you should disable upd and
uhidev drivers in your kernel. When UPS attach like ugen* then it wil work
with apcupsd.
Take a look at /usr/local/share/doc/pkg-readmes/apcupsd-3.14.1*

Re: FOSS tools for flashing motherboard BIOS?

[Kirill Bychkov]

On Mon, June 6, 2016 16:52, Alan Corey wrote:
> I have an HP Pavilion DV2700 laptop with an old BIOS version I'd like
> to update.  HP's official solution is to run something under the
> dinosaur Windows Vista, which I was glad to wash my hands of about 7
> years ago.
>
> I opened up HP's exe file (rename to a zip and unzip), inside is a 1
> meg file 30cdf2d.wph which I think is the payload.  It's a Phoenix
> BIOS so it's set up to use Phoenix's WinPhlash utility.  I have no
> operating system at all on the machine at present, it has no floppy
> drive, doesn't boot from the CD/DVD.  I can boot from USB or the hard
> drive only.  I can put in an old hard drive from another laptop and
> boot it into OpenBSD.  Not booting from the CD is what I'm trying to
> fix, a guy at HP support seems to think flashing the BIOS may help.
> It's possible there are remnants of Windows "Secure Boot" around from
> somebody trying to load Windows 7+ although since I can boot from USB
> (a gparted ISO written to an SD card plugged into a USB reader) I
> doubt it.
>
> On the Arch Linux page at
> https://wiki.archlinux.org/index.php/Flashing_BIOS_from_Linux there's
> mention of a couple programs that might work: BiosDisk and Flashrom.
> Anybody use either of those under OpenBSD?  I haven't tried chasing
> down the source and trying to build them, I was a little surprised
> they aren't in sysutils.  I don't see anything in there for flashing,
> just looking in pbrowser.
>
Hi,
flashrom was imported some time ago:
http://marc.info/?l=openbsd-ports-cvs=146479937629535=2

Re: owncloud forgetting stored user and admin passwords. 5.9-Stable

[Kirill Bychkov]

On Tue, May 3, 2016 21:32, Nick wrote:
> I have been having these issues with owncloud on 5.9 Stable where I will go to
> log in and says password is wrong, I have two set ups - one in the cloud and
> one at home, both are randomly doing this. My partner had to change password 8
> times last night before it would actually work on next log back in login.
>
> Anyone else been having similar issues?
>
>
I suppose you're mixing up qtkeychain password and owncloud password. Take a
closer look on the window you're entering password in.

ehci: port reset timeout

[Kirill]

after some manipulations (assign address and ping it) with the urndis
device and unplug it usb port stops work.

dmesg  
OpenBSD 5.9-stable (GENERIC.MP) #0: Mon Apr 18 13:50:24 MSK 2016
r...@work.nightbbs.ru:/usr/src/sys/arch/amd64/compile/GENERIC.MP
real mem = 2056990720 (1961MB)
avail mem = 1990508544 (1898MB)
mpath0 at root
scsibus0 at mpath0: 256 targets
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 2.5 @ 0xe9f80 (85 entries)
bios0: vendor Hewlett-Packard version "786G1 v01.08" date 08/25/2008
bios0: Hewlett-Packard HP Compaq dc7900 Small Form Factor
acpi0 at bios0: rev 0
acpi0: sleep states S0 S3 S4 S5
acpi0: tables DSDT FACP APIC ASF! MCFG TCPA SLIC HPET DMAR
acpi0: wakeup devices COM1(S4) COM2(S4) PCI0(S4) PEG1(S4) PEG2(S4)
IGBE(S4) PCX1(S4) PCX2(S4) PCX5(S4) PCX6(S4) HUB_(S4) USB1(S3) USB2(S3)
USB3(S3) USB4(S3) USB5(S3) [...]
acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: Intel(R) Core(TM)2 Duo CPU E8500 @ 3.16GHz, 3159.18 MHz
cpu0:
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,SSE4.1,XSAVE,NXE,LONG,LAHF,PERF,SENSOR
cpu0: 6MB 64b/line 16-way L2 cache
cpu0: smt 0, core 0, package 0
mtrr: Pentium Pro MTRR support, 8 var ranges, 88 fixed ranges
cpu0: apic clock running at 332MHz
cpu0: mwait min=64, max=64, C-substates=0.2.2.2.2, IBE
cpu1 at mainbus0: apid 1 (application processor)
cpu1: Intel(R) Core(TM)2 Duo CPU E8500 @ 3.16GHz, 3158.72 MHz
cpu1:
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,SSE4.1,XSAVE,NXE,LONG,LAHF,PERF,SENSOR
cpu1: 6MB 64b/line 16-way L2 cache
cpu1: smt 0, core 1, package 0
ioapic0 at mainbus0: apid 1 pa 0xfec0, version 20, 24 pins
ioapic0: misconfigured as apic 0, remapped to apid 1
acpimcfg0 at acpi0 addr 0xf400, bus 0-63
acpihpet0 at acpi0: 14318179 Hz
acpiprt0 at acpi0: bus 0 (PCI0)
acpiprt1 at acpi0: bus -1 (PEG1)
acpiprt2 at acpi0: bus -1 (PEG2)
acpiprt3 at acpi0: bus 32 (PCX1)
acpiprt4 at acpi0: bus -1 (PCX2)
acpiprt5 at acpi0: bus 48 (PCX5)
acpiprt6 at acpi0: bus -1 (PCX6)
acpiprt7 at acpi0: bus 7 (HUB_)
acpicpu0 at acpi0: !C2(500@17 mwait.3@0x10), C1(1000@1 mwait.1)
acpicpu1 at acpi0: !C2(500@17 mwait.3@0x10), C1(1000@1 mwait.1)
acpibtn0 at acpi0: PBTN
cpu0: unknown Enhanced SpeedStep CPU, msr 0x0616492206004922
cpu0: using only highest and lowest power states
cpu0: Enhanced SpeedStep 3159 MHz: speeds: 24333, 2000 MHz
pci0 at mainbus0 bus 0
pchb0 at pci0 dev 0 function 0 "Intel Q45 Host" rev 0x03
inteldrm0 at pci0 dev 2 function 0 "Intel Q45 Video" rev 0x03
drm0 at inteldrm0
intagp0 at inteldrm0
agp0 at intagp0: aperture at 0xe000, size 0x1000
inteldrm0: msi
inteldrm0: 1280x1024
wsdisplay0 at inteldrm0 mux 1: console (std, vt100 emulation)
wsdisplay0: screen 1-5 added (std, vt100 emulation)
"Intel Q45 Video" rev 0x03 at pci0 dev 2 function 1 not configured
"Intel Q45 HECI" rev 0x03 at pci0 dev 3 function 0 not configured
pciide0 at pci0 dev 3 function 2 "Intel Q45 PT IDER" rev 0x03: DMA
(unsupported), channel 0 wired to native-PCI, channel 1 wired to native-PCI
pciide0: using apic 1 int 18 for native-PCI interrupt
pciide0: channel 0 ignored (not responding; disabled or no drives?)
pciide0: channel 1 ignored (not responding; disabled or no drives?)
puc0 at pci0 dev 3 function 3 "Intel Q45 KT" rev 0x03: ports: 1 com
com4 at puc0 port 0 apic 1 int 17: ns16550a, 16 byte fifo
com4: probed fifo depth: 15 bytes
em0 at pci0 dev 25 function 0 "Intel ICH10 D BM LM" rev 0x02: msi,
address 00:23:7d:4e:a2:5c
uhci0 at pci0 dev 26 function 0 "Intel 82801JD USB" rev 0x02: apic 1 int 20
uhci1 at pci0 dev 26 function 1 "Intel 82801JD USB" rev 0x02: apic 1 int 21
uhci2 at pci0 dev 26 function 2 "Intel 82801JD USB" rev 0x02: apic 1 int 22
ehci0 at pci0 dev 26 function 7 "Intel 82801JD USB" rev 0x02: apic 1 int 22
usb0 at ehci0: USB revision 2.0
uhub0 at usb0 "Intel EHCI root hub" rev 2.00/1.00 addr 1
azalia0 at pci0 dev 27 function 0 "Intel 82801JD HD Audio" rev 0x02: msi
azalia0: codecs: Analog Devices AD1884A
audio0 at azalia0
ppb0 at pci0 dev 28 function 0 "Intel 82801JD PCIE" rev 0x02: msi
pci1 at ppb0 bus 32
ppb1 at pci0 dev 28 function 4 "Intel 82801JD PCIE" rev 0x02: msi
pci2 at ppb1 bus 48
uhci3 at pci0 dev 29 function 0 "Intel 82801JD USB" rev 0x02: apic 1 int 20
uhci4 at pci0 dev 29 function 1 "Intel 82801JD USB" rev 0x02: apic 1 int 21
uhci5 at pci0 dev 29 function 2 "Intel 82801JD USB" rev 0x02: apic 1 int 22
ehci1 at pci0 dev 29 function 7 "Intel 82801JD USB" rev 0x02: apic 1 int 20
usb1 at ehci1: USB revision 2.0
uhub1 at usb1 "Intel EHCI root hub" rev 2.00/1.00 addr 1
ppb2 at pci0 dev 30 function 0 "Intel 82801BA Hub-to-PCI" rev 0xa2
pci3 at ppb2 bus 7
pcib0 at pci0 dev 31 

Re: audio capturing

[Kirill]

On 12/29/15 14:21, Alexandre Ratchov wrote:
> On Mon, Dec 28, 2015 at 05:45:40PM +0300, Kirill wrote:
>> On 12/28/15 17:21, Jan Stary wrote:
>>> On Dec 28 16:46:24, nightl...@nightbbs.ru wrote:
>>>> I want to capture audio from another app to file or simply stdout. How
>>>> can I do this?
>>> It woould be easier to help you you just said what "app" it is
>>> and how it produces "audio".
>> i want to capture with ffmpeg from dosbox (no, internal dosbox capture
>> don't need)
> you could expose a device that monitors what programs play:
>
> sndiod_flags="-s default -m play,mon -s mon"
>
> then restart sndiod and use whatever program you prefer to record
> from device "snd/0.mon". Example:
>
> ffmpeg -f sndio -i snd/0.mon foo.wav
>
> hth
HUGE thanks, all works now.

audio capturing

[Kirill]

Hello!

I want to capture audio from another app to file or simply stdout. How
can I do this?

Thanks.

Re: audio capturing

[Kirill]

On 12/28/15 17:21, Jan Stary wrote:
> On Dec 28 16:46:24, nightl...@nightbbs.ru wrote:
>> I want to capture audio from another app to file or simply stdout. How
>> can I do this?
> It woould be easier to help you you just said what "app" it is
> and how it produces "audio".

i want to capture with ffmpeg from dosbox (no, internal dosbox capture
don't need)